question

Kevin Morris avatar image
Kevin Morris asked Kevin Morris answered

New Token versus Refresh Token

My situation is that I have up to four receptionists calling patients, each with their own extension. I have built a "dialer" function (using the Password Flow -> Ringout API calls) into my contact management system. I understand that there is a limit of 5 non-expired tokens per extension.

This whole max token 5, token expire -> refresh token -> refresh token expire seems super complicated . I'll need to hire a team of expert hackers just to "hack in" to my own account. I was hoping to simplify things a tad, by doing this:

1) Obtain a token, store the expiry time in a "per extension" scope variable. (minus 5 seconds just to ensure I am "within bounds"). In the request, set the 'refresh_token_ttl=0' bc I don't want to be using refresh tokens at all.. I think they are unnecessary.

2) Keep using the existing token up until expire time

3) After token expire time, obtain a new token, like I did in step 1 above.

Is there anything wrong with this approach? Or MUST I use refresh tokens?



rest api
1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Phong Vu avatar image
Phong Vu answered

Not sure why you mentioned about the max 5 tokens while it's not the issue you are facing with. As you said each user with their own extension.

Since you are using the password flow authentication, it's up to you to use the refresh token to get a new access token or to re-login when the access token is expired. It makes more sense if your app is a 3-legged authentication to use the refresh token because your user will not need to login every hour after the access token expires.

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Kevin Morris avatar image
Kevin Morris answered

I forgot about the other auth methods. Ya, that makes sense now. Thanks.

1 |3000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Developer sandbox tools

Using the RingCentral Phone for Desktop, you can dial or receive test calls, send and receive test SMS or Fax messages in your sandbox environment.

Download RingCentral Phone for Desktop:

Tip: switch to the "sandbox mode" before logging in the app:

  • On MacOS: press "fn + command + f2" keys
  • On Windows: press "Ctrl + F2" keys