We have a basic 3 legged OAuth web app that allows us to edit extensions, but we keep running into invalid refresh token & token not found errors, which have no explanation or documentation tied to them. I read from some other post that the SDK manages refreshing the tokens automatically, but I haven't seen any official documentation stating so. If the SDK doesn't automatically refresh, what is the best way to refresh them?
Best answer by Phong1426275020
View originalI don't know if this will help anyone else, but I made a basic solution for refreshing the tokens since they don't seem to refresh automatically. Using the @ringcentral/sdk package for Node.js.
const platform = client.platform()
setInterval(async () => {
try {
if(!platform.auth().refreshTokenValid()) {
throw 'Refresh token not valid!'
}
const res = await platform.refresh()
const data = await res.json()
await platform.auth().setData(data)
const date = new Date()
console.log(`(${date.toLocaleString()}) Successfully generated new tokens.`)
return Promise.resolve()
} catch (err) {
console.trace(`Failed to refresh token: ${err}`)
return Promise.reject(err)
}
},1000 * 60 * 45) // Refresh every 45 minutes (Tokens expire every 60 minutes)
Yes, you can implement a loop to keep the access token valid, but you can use the refresh token to get a new access token if the access token expired. Thus, you don't really need to run an interval every 45 minutes. Calling this function will trigger the SDK to refresh the access token if it expired.
platform = rcsdk.platform()
if (await platform.loggedIn()){
// call API
}else{
console.log("BOTH TOKEN TOKENS EXPIRED
}For auto refresh, you should detect if there is no API call within 7 days (refresh token is valid for 7 days), call the refresh() method to get new tokens (both access and refresh token)
That makes sense and seems like a better solution, thank you for the informative answer!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.