Stack Overflow
Stack Overflow

Questions tagged [refresh-token]

A Refresh Token is a special kind of token that can be used to obtain a renewed access token —that allows accessing a protected resource— at any time.

999 questions
5
votes
1 answer

RxJava: How to refresh a token when multiple requests are sent at the same time?

I have an app that authenticates using OAuth2 and fetches data from a RESTful service using Retrofit. Now, I have the token retrieval and refreshing up and running. The token is refreshed like so (schedulers omitted): // Each Retrofit call…
manabreak
  • 5,415
  • 7
  • 39
  • 96
4
votes
1 answer

Authenticator to refresh token when multiple APIs are getting called parallely in Android Retrofit

I want to refresh my access token when it gets expired. I have implemented Authenticator as shown below: @Singleton class TokenAuthenticator( val authService: Lazy, private val sharedPreferences: SharedPreferences ) :…
hushed_voice
  • 3,161
  • 3
  • 34
  • 66
4
votes
1 answer

Refresh token in Gmail API?

After successful login, I am getting access token, expire token type, and this stuff in my console by "console.log("my response ",response)". But there is no refresh token. how to get a refresh token. And 2nd question is, How to get an access token…
Muzammil Zafar
  • 65
  • 6
4
votes
2 answers

Recommended simple access token expire handling for app

I have a set of APIs purely for my own app, so I just have a simple API to create access token, when user provided the email and password /api/access_token (return access_token when email and password matched) The access_token was saved and matched…
Ryan
  • 10,041
  • 27
  • 91
  • 156
4
votes
1 answer

refresh token API error "secretOrPrivateKey must have a value"

When a user logs into the API generates a token so that he has access to other endpoints, but the token expires in 60sec, I made a function to generate a new valid token using the old token (which was stored in the database), but when I'm going to…
talison Brendon
  • 61
  • 1
  • 6
4
votes
2 answers

OAuth2: Should a refresh token be invalidated after receiving a new access token?

I currently work on an legacy app which somewhat loosely implements an OAuth2 flow. In short, when the user logs in with username/password, he receives an access/refresh token pair. The access token expires after 20 minutes whereas the refresh token…
Jan Thielemann
  • 85
  • 2
  • 5
4
votes
1 answer

How to implement Refresh Token rotation

am totally new to this Access Token and Refresh Token kindly correct me if am wrong in any place. To my knowledge Refresh Token Rotation means every time a user asks for AT (with valid RT) new pair of AT1 and RT1 will be given. So the next time user…
Athavan T
  • 306
  • 2
  • 15
4
votes
1 answer

How do I implement Refresh Token Rotation?

If I understood the refresh token rotation right, it means that every time we request a new access token, we also get a new refresh token. If a refresh token is used more than once - we invalidate all the refresh tokens that a certain user…
Sap Green
  • 113
  • 1
  • 8
4
votes
1 answer

What is the MUST have claims for JWT refresh tokens? Can it be identical to the access token (with a longer exp)?

Im playing around and creating a custom access token system using JWT. I have already created a system for signing and validating JWT access tokens. However, I find it hard to obtain information about what claims a refresh token should consist…
89282820
  • 43
  • 5
4
votes
1 answer

Unable to get refresh token in github oauth2

I have integrated social login using Github oauth2, Im able to get access token but not refresh token. As per their documentation here I can enable in Optional features section. But there Im not seeing any such option and seeing "There are no…
Selvakumar Ponnusamy
  • 5,363
  • 7
  • 40
  • 78
4
votes
0 answers

NextAuth.js - Custom provider - Refresh token flow

I'm trying to implement an authorization via next-auth with a custom provider. But the NextAuth.js doesn't have a refresh token functionality. I have an endpoint for updating the access token but I'm not sure where the correct place (in next-auth…
Victor
  • 51
  • 1
4
votes
1 answer

Will an old refresh token still be valid if a new refresh token get issued?

My application uses a Google refresh token (to get access_token from Google). I have two questions here: I know Google refresh token does not expire for 6 months (see the doc here); say I got a refresh token refresh_token_old at 5:00pm on Jan 1st ,…
chen
  • 4,302
  • 6
  • 41
  • 70
4
votes
0 answers

Where to store OAuth tokens in a Django application

I’m at the planning stage for an app I’d like to create using django. My idea for one aspect of the app is to hook in to a user’s outlook.com (or gmail.com etc...) account to create a calendar entry/event. In order to do this I plan to leverage the…
pilky01
  • 132
  • 8
4
votes
2 answers

How to use the refresh token of a session to get new jwt access token in amazon-cognito-identity-dart-2 package flutter?

I am currently using the Dart SDK amazon-cognito-identity-dart-2 for authentication and data upload in flutter. When a refresh token is generated for a session, how can I use this refresh token to get new jwt access token before expiration?
PreciseSpeech
  • 317
  • 4
  • 9
4
votes
0 answers

Aurelia refresh access token and resend failed request

I'm using Aurelia with JWT authentication and want to refesh the access token when it is expired. When the access token has been refreshed the failed request should be re-executed. If the refresh token is also expired the user should be navigated to…
RJP
  • 41
  • 2
1 2 3
66 67