News & Announcements User Community Developer Community

Welcome to the RingCentral Community

Please note the community is currently under maintenance and is read-only.

Make sure to review our Terms of Use and Community Guidelines.
  Please note the community is currently under maintenance and is read-only.
Home » Developers
Need Authorization Help
Tags: authentication
Oct 24, 2017 at 10:58am   •   2 replies  •  0 likes

I'm trying to help my developer and he needs an example of some sort.

We are currently using the authorization flow method for retrieving tokens. This is a concern as the refresh tokens time out within an hour. We are using a text app that triggers text globally, so it's a 24 hour operation that doesn't have someone available to login and authorize the app every hour. With the call log app, we pull that data throughout the day and night, so we'll need the authorization current for that as well.

Has anyone been able to get the authorization access and refresh tokens to renew on an automatic basis? For example, the initial login and authorization of the app would be done once, then the refresh token would be renewed every 55-57 minutes and the access token would renewed every six days. Even if the user has to do an initial login and authorization, that's fine, as long as the subsequent authorization tokens are automated.

I'm looking for any ideas or solutions, preferably with some sort of example to walk my developer through, even if it's just a basic one. Thanks!

2 Answers
answered on Oct 25, 2017 at 12:55pm  
So the first authorization is through oauth2.
I have a button in our application redirecting to GET /connect
def connect
state_parameter = Base64.encode64({my_param: param}.to_json)
client =, client_secret, {:authorize_url => "https://#{api_server_url}/restapi/oauth/authorize"})
redirect_to client.auth_code.authorize_url(redirect_uri: redirect_uri, response_type: 'code', state: state_parameter )
The redirect_uri should be the same as the one you set up in your dev account. In order to test in dev, you can add one without https like http://localhost/your/path/oauth2callback.
At this point, the user has to enter his login/pwd of his ringcentral account, he has to authorize the access to the information you set and ringcentral redirect you as POST to your redirect uri.

You should create a route POST /oauth2callback
There you get a code that you exchange with a token.
post_params = {client_id: client_id, code: params[:code],
grant_type: 'authorization_code', redirect_uri: redirect_uri}
resp = JSON.parse("https://#{api_server_url}/restapi/oauth/token", post_params))

In resp you have your token, keep it in your DB.
This way there is nothing manual, it is all automatic and the user is asked to accept the permission just once.

It is a classic oauth2 process, you ask for a code, then you exchange the code for a token. You keep the token and refresh it.
Hope it helps.

answered on Oct 24, 2017 at 2:08pm  
I used the same system to oauth my application. The token is valid for one hour, that is true, but the refresh token is valid for a week. 
I don't do a request every hour, so what I did is before doing any request, I check if the token is still valid (with the expiration date). If yes, I keep the token and do my request. If not, I use the refresh token to renew my token and save the new token, the new refresh token, and the new expiration date.
I also have a cron running every day that renews the token if the refresh token arrives at expiration.
I don't know if this is the best solution but it is one that is working for me :-)

That's what I did to refresh my token in ruby:
url = "https://#{client_id}:#{client_secret}@#{api_server_url}/restapi/oauth/token"
headers = {accept: :json, content_type: 'application/x-www-form-urlencoded'}
parameters = "refresh_token=#{refresh_token}&grant_type=refresh_token"
response = JSON.parse(, parameters, headers))

=> in the response I have the new access token and the new refresh token that I saved for later. 

Hope it will help you.


A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

Developer Platform
Integrated Apps
App Gallery
Developer support
Games and rewards

Resource center
Product Releases
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Legal Privacy Notice Site Map Contact Us