
Trying to use Salesforce OCAPI from an app.

On the JWT Auth documentation: https://documentation.b2c.commercecloud.salesforce.com/DOC2/index.jsp?topic=%2Fcom.demandware.dochelp%2FOCAPI%2Fcurrent%2Fusage%2FJWT.html

A JWT has a lifetime of 30 minutes. Before the token expires, you must exchange it for a new token if you want to extend the total lifetime.

If a registered user opens the app after 31 minutes and the persisted JWT is expired, then what is the way to refresh it without prompting the login screen again? (Persisting user credentials is out of the question due to the security vulnerability.)

Alan Steiman

2 Answers


As the documentation states, you cannot refresh it if it has expired. You must prompt for the login screen again.

I suggest having your app refresh the token automatically in the background.

sholsinger
    Thanks, I think prompting the login every time you open the app is annoying and a terrible user experience, will investigate the option of refreshing in background. – Alan Steiman Oct 02 '20 at 03:45

You can save exp (the token expiration time) from the payload section in your db, and check it before initiating a new call; if it has expired then you can use the /customers/auth resource to get a new token. You must include the current token in the Authentication:Bearer request header, and specify the customer type as "type":"refresh".

Kshitij Verma
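An added example (not code from the question or either answer) of the client-side check the two answers describe: read `exp` from the stored JWT, refresh in the background while the token is still within its 30-minute lifetime, and fall back to the login screen once it has expired, since the documentation gives no way to exchange an expired token. It assumes Node's Buffer, a placeholder OCAPI base URL, and the standard `Authorization: Bearer` header for the `/customers/auth` refresh call.

```javascript
// Placeholder site/version path; substitute your own OCAPI shop URL.
const OCAPI_BASE = "https://example.test/s/YourSite/dw/shop/v20_4";
// Exchange the token once fewer than 5 of its 30 minutes remain.
const REFRESH_MARGIN_SECONDS = 5 * 60;

// Decode the payload of a compact JWT. No signature check is done here:
// the client only reads exp to schedule a refresh; the server still
// validates the token on every request.
function decodeJwtPayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1]
    .replace(/-/g, "+")
    .replace(/_/g, "/")
    .padEnd(Math.ceil(parts[1].length / 4) * 4, "=");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// "valid": use as-is; "refresh": exchange it now via /customers/auth;
// "expired": the user must sign in again (persisted credentials are not an option).
function tokenState(token, nowSeconds) {
  const { exp } = decodeJwtPayload(token);
  if (typeof exp !== "number") throw new Error("missing exp claim");
  if (nowSeconds >= exp) return "expired";
  if (exp - nowSeconds <= REFRESH_MARGIN_SECONDS) return "refresh";
  return "valid";
}

// Build the refresh request as the second answer describes: current token as
// bearer credential, body {"type":"refresh"}. Returned as a plain object so it
// can be handed to fetch() or inspected offline.
function buildRefreshRequest(token) {
  return {
    method: "POST",
    url: `${OCAPI_BASE}/customers/auth`,
    headers: {
      Authorization: `Bearer ${token}`,
      "Content-Type": "application/json",
    },
    body: JSON.stringify({ type: "refresh" }),
  };
}

// Constructed, unsigned sample token for local testing only.
function makeSampleToken(exp) {
  const enc = (obj) =>
    Buffer.from(JSON.stringify(obj)).toString("base64")
      .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc({ sub: "customer-123", exp })}.sig`;
}
```

Run `tokenState` before every OCAPI call; when it returns "refresh", send `buildRefreshRequest(token)` and persist the token from the response in place of the old one.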