http://developer.linkedin.com/documents/authentication (section: Refreshing Access Tokens)
The paragraph says
LinkedIn access token can be refreshed in 60 days time
on the other hand it also says that client application can keep track of token creation date and compare it with oauth_expires_in value (in seconds) and refresh token if required.
However, I get only oauth_expires_in=599 (secs) when I call request token endpoint.
When I retrieve request token:
oauth_token=xxxxx&oauth_token_secret=xxxxx&oauth_callback_confirmed=true&xoauth_request_auth_url=https://api.linkedin.com/uas/oauth/authorize&, here's a response that I get: oauth_expires_in=599
I do not receive such parameter in response to access token request:
https[://]www[.]linkedin[.]com/uas/oauth/authorize/submit?oauth_token=xxx&oauth_verifier=xxx
Can someone please explain this?
P.S.: Altered urls with [] because it didnt allow me to post more than 2 urls due to lack of reputation.
TIA.
The expiry time you're getting in seconds is the expiry time for the requestToken, not the accessToken. In other words, if you don't exchange that token with an access token in the next 599 seconds (10 minutes) , it will expire and you will need to get a new requestToken.
The oauth token you receive has an expiry date of 60 days, per linkedin documentation. I hope this helps.
Related
I have an issue to configuring Redhat Single SigOn (RHSSO) or Keycloak token expiration in seconds, about 30 seconds.
I just found the configuration in minutes. There is a way to adjust it to seconds?
From the Keycloak Admin Console it is not possible; Keycloak allows to specify the access token expiration time in Minutes, Hours or Days, but not in seconds:
Albeit, when one requests a token, the expiration time is display in seconds, namely:
{"access_token":"...","expires_in":60,"...}
The least amount of time that you can set via Admin Console is 1 minute. To be honest, I fail to see what would be the great benefit of having 30 seconds instead of 1 minute.
In the Admin Console, if one tries to specify 0.1 (or 0,1) minutes an error is displayed
Now that being said, it seems that you can use the Rest Full API to get around that restriction. First, request a token on behalf of the admin, extract its access token (let us called $ACCESS_TOKEN). And then call the following endpoint:
PUT <KEYCLOAK_HOST>/auth/admin/realms/<REALM_NAME>
with the following data
'{"accessTokenLifespan":30}'
Now if you request a token for a client on the Realm REALM_NAME you will get the following:
{"access_token":"...","expires_in":30,"...}
30 seconds as expiration time for the access token.
Now, I have not tested this, so it is up to you to find out if everything still works as it should.
Refresh Token for Quickbooks expiring after 2 day
Refresh Token for Quickbooks expiring after 1 day
Yes, every 24 hours the refresh token gets changed.
Reference - https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#step-5-exchange-authorization-code-for-refresh-and-access-tokens#understand-token-expiration
As per the doc -
Even though the refresh token is valid for 100 days, the value of
refresh token can change every 24-26 hour period. Hence, you might
encounter a situation where the request token that you received first
is different than the latest one. As a best practice, always store the
latest refresh token received from the API response and use that to
make subsequent calls to obtain a new pair of tokens.
I have session timeout setting as 1 hours, and my initial access_token seems timeout around this time. This is excepted.
And after it timeout, i did token refresh and get a new access_token, then i observed this refreshed access_token seems not timeout in 1 hours, even 5~6 hours after, it still not expired.
So is there refresed access_token never expire? Can someone explain more about this?
Refresh token policy is managed from admin side usually and is different from the initial access token. From what you say the setting you have right now for Refresh token is probably 'Refresh token is valid until revoked'.
When you go to your Salesforce org go to Setup -> Manage Connected Apps - find the connection you are looking for and see what policy you have set. You can set it to expire in number of days, based on usage or Immediately.
Using Rails 4 and Koala gem version 2.
I have my personal Facebook page (not profile).
When I am publishing a new post in my website I want to automatically publish it on my facebook page as well.
I am using Koala gem but I have some problem with access tokens.
Visiting https://developers.facebook.com/tools/explorer/ I get a short-live token. This token expires after only 2 hours.
My goal is to obtain a long-live token.
I have created a new Facebook app and I have obtained a client-id and client-secret.
Visiting this https://graph.facebook.com/oauth/access_token?client_id=MY-CLIENT-ID&client_secret=MY-CLIENT-SECRET&grant_type=fb_exchange_token&fb_exchange_token=MY-SHORT-LIVE-TOKEN I get long-live token.
Now I can use my long-live token to publish on my page:
user = Koala::Facebook::API.new long_live_access_token
page_access_token = user.get_connections('me', 'accounts').first['access_token']
page = Koala::Facebook::API.new page_access_token
page.put_connections("me", "feed", message: "I am posting on my page!ok!")
It seems to work, but my problems is that the long-live token expires in 60 days so I need to refresh it.
I have found no solution to refresh a long-live token. It is clear that I can't repeat the entire procedure every 60 days!
Ideas?
From the official docs:
These tokens (long-lived) will be refreshed once per day when the
person using your app makes a request to Facebook's servers. If no
requests are made, the token will expire after about 60 days and the
person will have to go through the login flow again to get a new
token.
The token that never expires is a page token.
I am building a page that would send a request to Intuit Reconnect API to renew the Oauth Token and Token secret values. It is working. But my test Oauth values is not within 30 days of expiration. Thus the response has always been "Token Refresh Window Out of Bounds".
Is there a way around this so that I can get the success response with new token values? I would like to be able test this scenario multiple times, not just once.
https://developer.intuit.com/docs/0025_quickbooksapi/0053_auth_auth/0020_reconnect_api
Thanks.
The playground will allow you to specify the token duration. More information is here:
https://help.developer.intuit.com/s/question/0D5G000004Dk5rxKAB/
Edit: This is the page that lets you specify the token/duration
https://appcenter.intuit.com/Playground/OAuth/IA/