I'm using an API that by default has it's access tokens expire 30 days after generating/refreshing. Is there a reason I shouldn't simply have a cron job that refreshes the token every week? I would rather set-and-forget rather than dynamically watch the expiration.
Asked
Active
Viewed 96 times
1 Answers
0
Ideally the token lifespan should be short. Coming back to the question you asked, there are ways you can refresh the token.
- We can let the token expire after 30 days and when the next call you make after token expiration you will get 401 Unauthorized. Once you get that you will know that the token is expired and you can refresh the token. Depending upon from where you are refreshing the token matters, I mean server side or client side.
- We do have the token hence the expiration time as well.By watching the expiration time and refresh the token just before it expires. But for that you should be able to get the token and read all the properties associated with that.
I recommend 1st option as you do not need to worry about reading the token for each and every client.Also if the token is expiring every 30 days, there is no need to refresh every week as that's unnecessary calls to the server asking for refreshed token even though it's valid.
Mitra Ghorpade
- 717
- 4
- 8