I'm making a function to post to google my business automatically by using Google my business API by javascript and firebase. The access token is obtained by authentication using Google Sign In.
However, the access token has an expiration date, so I have to renew it using a refresh token.
Can I use the "user.refreshToken" shown in the image below as the refresh token to be used in this case?
Thanks in advance.Data retrieved upon sign-in
Yes, you are right. In general, the refresh token in an OAuth2.0 flow can be used to retrieve a new access token, which can then be used again to access resources. The refresh token normally has a much longer expiration date than the access token hence you can implement functionality like "remember me" using the refresh token.
Related
I used B2C and MSAL to configure the SPA certification.
Then, the backend API access token, refresh token, and ID token are obtained from B2C and stored in localstorage.
However, after about an hour I noticed that the access token was disabled.
At this time, I believe I can use a refresh token to update my access token.
I am a beginner and would be grateful if you could give me a sample or something.
Thank you in advance.
MSAL takes care of refresh token for you.
What you should do is always ask a token from MSAL before using one.
If it needs to refresh it using a refresh token, it will just do that behind the scenes.
You can see an example here: https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-acquire-token.
There it shows a general pattern where you first try acquireTokenSilent, and if that fails, use a popup/redirect to get new tokens.
We are using OAuth to get Access Token and Refresh Token. But Access Token is getting expired fast.We need token with long validity.
How can we achieve this?
In Dynamics CRM, Access tokens are expired in 3600sec. But refresh token will not expire. So you need to generate the new
accesstoken using the refresh token.
If you want refer below page, It will useful for you.
https://learn.microsoft.com/en-us/previous-versions/azure/dn645542(v=azure.100)
So I read the following on the Authorizing Requests to the Google Calendar API page written by Google folks.
Your application must use OAuth 2.0 to authorize requests. No other authorization protocols are supported. If your application uses Google Sign-In, some aspects of authorization are handled for you.
My knowledge of OAuth 2.0 is limited so I'm not sure if that means that I cannot get a one-time auth token for a user?
I'm building an app that will need to CRUD events for a user in the background based on other stuff. So I can't have the user authenticate over and over again. Is there a way around here?
If not, is there an Google Calendar alternative that has a dependable API that I could use?
When the user authenticates your application you are given an Access token (good for one hour) and a refresh token. You should save the refresh token, when ever you need to access the users data you can take the refresh token and ask Google to give you a new access token. It is the access token which gives you access to there account.
I wrote a tutorial that tries to explain Oauth2 how to set it up and how it works. Google Developer console Oauth2
We're successfully using Google Sign In to authenticate and access the data we need. However, our token will eventually expire. The GIDAuthentication object includes a refresh token. We're wondering if the sign-in library is handling the refresh behind the scenes, perhaps as part of signIn or signInSilently.
The API documentation doesn't talk about refreshing the token, so I'm hoping someone can explain how the google library uses the refresh token.
Or, if we refresh the tokens in our code, should we only call signIn when we can no longer use a refresh token to get new tokens?
Looks like the api was added to the 2.1.0 sdk, GIDAuthentication refreshAccessTokenWithHandler.
I am using Oauth to access Google Cloud Storage via their JSON API.
All is fine, I authenticate and get an access token which has an expiration of 3600.
What is the correct way to refresh this?
It is my understanding that in other types of oAuth flows (i.e. Web Server), the initial authorization request returns a refresh token as well as an access token, and that the refresh token is used to ask for another access token when the current access token has expired.
But is appears that there is no refresh token when doing server-to-server oAuth with a Google "Service Account"?
Found the answer.
https://developers.google.com/accounts/docs/OAuth2ServiceAccount#expiration
Access tokens issued by the Google OAuth 2.0 Authorization Server
expire one hour after they are issued. When an access token expires,
then the application should generate another JWT, sign it, and request
another access token.