I am going to be writing an app that uses the Google calendar API to pull data from a user's personal calendar, and I was wondering if there was a way to do this as like a one time thing, i.e. they will authorize access to their calendar and the user won't have to do that again and the app will keep getting to use the calendar. Thank you!
You should use a refresh token. When authorizing, you can obtain a refresh token along with it. Your refresh token can be used to obtain new access tokens for accessing calendar in this case. The refresh token does not expire and can be kept for future use.
Related
We're developing a IOS App, it uses GoogleSignIn and GoogleAPIClientForREST to gets the user's calendar.
The normal flow is that the client user log into Gmail, then authorizes it, and then the client get the access token, and use the token to request the user's calendars,
Now we want to do this, our App gets the access token, uploads the token to our server, then server uses the token to request the user's calendars,
Eventually, our server will regularly use much number of different users' access token to request Google Calendar api.
Do Google support this? Are there any restrictions or limit?
Thanks!
The main problem you are going to have is that an access token is only good for one hour. So unless you are expecting the user to login every hour and give you a new access token for your backend application this is not going to work.
Second i am not sure how IOS signin works i am not even sure that you can get the code to give you an access token to upload to your backend server. Not to mention that passing around an access token even on a secure connection probably isnt the best design idea.
You might be better off codding this all server sided and having your IOS application rather than connecting via ios directly.
I am not an IOS developer so cant really help you much.
In fact, the client just uploads refresh token to server, then server use it to get access token, and use access token to get calendar events.
I need a help to make a decision related to integrating Microsoft Graph API to integrate office 365 Calendar, that can be accessed at any time.
So for this, I am going to follow the approach to store the Refresh_Token so that whenever I need to access calendar of users I can generate token using this refresh token.
Is it the correct approach to access an user calendar at anytime?
Pls share your views here.
Is it the correct approach to access an user calendar at anytime?
Yes, you are right. And we should refresh the accesstoken using the refresh token before it is expired.
Access tokens are short lived, and you must refresh them after they expire to continue accessing resources. You can do so by submitting another POST request to the /token endpoint, this time providing the refresh_token instead of the code.
For more detail, we can refer to this document
My Access Token is expired after 1 hour and videos are not uploaded in to you-tube due to invalid access token and every time asking for authentication.
How to reactivate existing token or refresh access token.
You schould use long-lived token. There are several methods to get it, but everything is well described here:
Facebooke developers extending tokens
If you want more precisious answer please write in which language are you trying to do that.
I am using Scribe to access the LinkedIn API. I am saving the Access Token along with the Access Token Secret in the database and use them every time I call the API.
The Access Token is supposed to expire 60 days after it has been generated.
I would like to automatically refresh the access token before it expires. I couldn't find a way to do it programatically without the user intervention.
You are not supposed to be able to refresh the access token without the user's intervention. The system was designed this way in order to protect the user's data from being accessed indefinitely.
Linkedin wants to ensure that you cannot access the user's data unless they are actively using your application. To me, if a user doesn't visit your application within 60 days, it means that they aren't using it, and you should not be able to access that data.
I hope this helps.
#params={:"oauth_token"=>"XXXXXXXXXXX",
:oauth_token_secret=>"XXXXXXXXXXX",
:oauth_expires_in=>"5184000"}
I need to download my Delicious bookmarks to a non-web application without constant user interaction. I'm using Delicious's V2 API (using oAuth) but the problem is it seems their access tokens expire after one hour.
I don't have any issues with redirecting the user to Yahoo for a one time authorization, but what is described here (http://developer.yahoo.com/oauth/guide/oauth-refreshaccesstoken.html) means I would have to refresh my access tokens all the time before they expire when the user is away.
Is this really the way they've done their oAuth implementation?
You only need to refresh the access token when they come to use the application again, not while they're away. You can pass the previously expired token and get a new one in return.
Is that a problem? You should only need to make an additional server-side call to refresh the access token if it expires (as long as the authorization itself has not expired, which should last longer, and would need user interaction when it expired).