Stack Overflow
Stack Overflow

Questions tagged [refresh-token]

A Refresh Token is a special kind of token that can be used to obtain a renewed access token —that allows accessing a protected resource— at any time.

999 questions
4
votes
2 answers

Why is it a bad idea to refresh access token every time when I sent request?

I was doing react native app and using OAuth2 and get access token, refresh token and expire in time when I log in my App. I checked my token expire in time when I send a request (GET, POST). If my token expired, then I used a refresh token to get a…
kiritoty
  • 155
  • 1
  • 9
4
votes
0 answers

Best practice for generating refresh token with JWT

Background I'm implementing an authentication system based on JWT and Refresh tokens but I had an hard time searching for serious documentation about the refresh token generation and handling. The common scenarios I've found expect: A short-live…
bertonc96
  • 772
  • 2
  • 13
  • 24
4
votes
1 answer

Access Token and Refresh Token flow

I have read about JWT and access token and refresh token. I understand that you have to set access token expiration in a very short time (minutes) and use refresh tokens to obtain a new access token whenever is expired. Three things are not clear to…
pantonis
  • 5,601
  • 12
  • 58
  • 115
4
votes
3 answers

ZOHO CRM Not getting refresh token in response

I am developing an application in iOS and android, in that i am integrating ZOHO CRM. I use OAuth2.0 for authentication, after that i use REST API to get "refresh token" but i am only get "access token". There are in bellow code to get token. How…
Rahul Parikh
  • 442
  • 1
  • 4
  • 18
4
votes
2 answers

Why doesn't this code works in getting refresh code from refresh code in oAuth2 stex?

In this question, I managed to obtain an access code and refresh code from stex API Why do I have to specify the redirection URI when using authorization token to get access token in OAuth2? So I surf some web, got authorization code, put the code…
user4951
  • 32,206
  • 53
  • 172
  • 282
4
votes
1 answer

How to generate JWT refresh token in Laravel 5.7

First off, let me admit that I'm new to APIs, and right now I'm working on JWT with Laravel. I'm using tymon\jwt-auth (tymon/jwt-auth:dev-develop --prefer-source to be specific). I went through some tutorials and was able to generate JWT access…
Bhanu Prakash
  • 105
  • 1
  • 11
4
votes
2 answers

How to protect the refresh token from hacker

I googled a lot on how to protect the refresh_token from a hacker because it will be stored somewhere in browser's local-storage/cookie, so a hacker can easily steal those tokens and I couldn't able to find a proper answer so I came here. I…
Suganthan Madhavan Pillai
  • 5,495
  • 9
  • 51
  • 84
4
votes
1 answer

How do I auto-refresh a JWT in redux without breaking async flow?

High-level description I have a React/redux/electron app that uses Google Oauth. I want to be able to refresh the access token automatically when it expires. I've researched this and solved it semi-successfully using middleware, but my solution is…
resistor
  • 173
  • 2
  • 9
4
votes
0 answers

Using HttpClient and Custom DelegatingHandler to check for "Unauthorized" requests

I'm currently using a DelegatingHandler to check requests if they become Unauthorized when sending to our Web API. If the response does become unauthorized, I'm currently sending a refresh token to log the user back in and then updating the…
Humpy
  • 2,004
  • 2
  • 22
  • 45
4
votes
1 answer

How to refresh personal access token programmatically in Laravel?

I have used createToken method on User model to create personal access token. Now I want to refresh that token in code without http request to oauth/token/refresh. How could I do that?
Ali Farhoudi
  • 5,350
  • 7
  • 26
  • 44
4
votes
0 answers

Where should I store access tokens and refresh tokens?

I have some questions related to tokens and encryption. First of all Access Tokens : Regardless the various attacks(that you need to bear in mind so that you take measures against), would you recommend storing an access token on the…
Veronica_Zotali
  • 253
  • 1
  • 3
  • 13
4
votes
3 answers

Google oauth: Refresh tokens in Power Query

I am trying to connect to youtube/google analytics using the oauth method and power bi. I have managed half way and I need some help. This is where I am at: I obtain a authorization token manually…
ruthpozuelo
  • 175
  • 1
  • 10
3
votes
1 answer

How to handle JWT refreshing on server side (Next.js or any other)

I have two cookies being stored: JWT and refresh token, both are httponly; path=/, so they are send on all requests, including the API (which doesn't use Bearer, but instead reads the JWT directly from the cookies). The implementation is as usual,…
yisog
  • 61
  • 7
3
votes
1 answer

how to redirect user to logout page when token or refresh token expired using bloc in flutter

This is my base repository where it gets the data from the bloc I want to redirect the user to a custom page like logout when the token expires or refresh token expire. I change pages, in bloc consumer or bloc listener but in this case, this is…
moein_keyvanipur
  • 31
  • 4
3
votes
1 answer

Error on validating JWT token IDX12741. JWT: must have three segments (JWS) or five segments (JWE)

I'm trying to implement token refresh feature in angular 12 and .net core 5. this is my JWT service registration: startup.cs: services.AddAuthentication(options => { options.DefaultAuthenticateScheme =…
Ali.Rashidi
  • 1,284
  • 4
  • 22
  • 51
1 2 3
66 67