I am using free trail on https://vidyo.io/ so if i will pay them then my token will be expired or not ?strong text
A token is used to authenticate entry into a room. When you create one, there is an expiration time that is set. Once that expiration time has passed, then that token is no longer valid.
Of course if your trial promo minutes have expired, then you will need to subscribe to the Vidyo.io service in order to generate valid tokens.
Related
Trying to use Salesforce OCAPI from an app.
On the JWT Auth documentation: https://documentation.b2c.commercecloud.salesforce.com/DOC2/index.jsp?topic=%2Fcom.demandware.dochelp%2FOCAPI%2Fcurrent%2Fusage%2FJWT.html
A JWT has a lifetime of 30 minutes. Before the token expires, you must exchange it for a new token if you want to extend the total lifetime.
If a registered user opens the app after 31 minutes and the persisted JWT is expired, then how is the way to refresh it without prompting login screen again? (persisting user credentials is out of the question due to security vulnerability)
As the documentation states, you cannot refresh it if it has expired. You must prompt for the login screen again.
I suggest having your app refresh the token automatically in the background.
You can save exp (the token expiration-time) from payload section in your db, try to check before intiatling new call if its expire then you can use the /customers/auth resource to get new token. You must include the current token in the Authentication:Bearer request header, and specify the customer type as "type":"refresh".
We are developing an integration with DocuSign. We use embedded signing and JWT authentication.
We received information from DocuSign Partner Solutions team that in JWT authentication, the expiration of the access token can be set by us to a long period of time.
based on that information, I designed the solution so we manually do the JWT authentication flow: get user consent, generate JWT, set expiration to one year and use it to obtain a long expiring access token.
now we went out of sandbox to production. We are testing the solution against a 30 days trail production account. We got user consent. I generate JWT and set expiration to various periods (one day, one month, one year) but I always get an access token that is good for one hour only.
PS, I went through the official documentation which states this about JWT exp property:
Defaults to one hour from the value of iat, and cannot be set to a greater value.
I wanted to know if anyone was able to generate long expiring access token out of JWT in DocuSign
The maximum grant time for access tokens received via the DocuSign OAuth JWT Grant flow is 1 hour.
The maximum grant time for access tokens received via the DocuSign OAuth Authorization Code Grant flow is 8 hours.
Good news for your application is that it is easy to obtain a new token via the JWT Grant flow: just re-run it within your app when the token that you have is about to expire or has expired.
No interaction with the user is needed since they have already provided consent (a one-time operation).
Note that the JWT Grant flow can fail, especially if the user has withdrawn their consent. Be sure to test this situation.
I'm sorry that you were given incorrect information.
I have application that continuously running in background. The app uses UCWA REST api. After authentication I get OAuth token and some expiration time. Authentication docs say "The lifetime of a token is eight (8) hours for authenticated users. The client application should monitor the expiration time and refresh the token as required".
So, when is it required to refresh token? What expiration time should I have in reserve when starting refreshing token? 1, 10 or 60 minutes? What are OAuth best practices?
The response from ticket service will provide the user with the OAuth token, type of token, and an expiration value. This value is measured in seconds which means you can divide out minutes (60) or hours (3600) to get a value that you can expect requests to start failing with 401 Unauthorized. Monitoring is most useful when the application is using anonymous meeting join because the token expiration is much shorter, ~1 hour, and it is the only authentication mechanism to directly offer renewing a token.
This leads to two potential approaches:
If using anonymous meeting join
Check expiration value found in authentication response and start a timer less than the expected value (maybe 1-3 min less)
When timer expires refresh the OAuth token
If not using anonymous meeting join
Send requests until a 401 occurs
Check response headers for WWW-Authenticate and send another authentication request to get new token
Re-issue request with new token
It is better to wait for the 401 to come before taking action to refresh the token in a non-anonymous meeting join scenario.
is there a way to get longer token expiration time, or some kind of "permanent" token for client application ( Similarily as in DropBox API's)
SInce there seems to be problems with resumable upload to google drive when token expires, this could help in this situation ?
or is there just a way to define the token validity time to be bigger than 1 hour
br. Jarno
No accessTokens are only good for 1 hour. But you have a refreshToken that was returned along with your accessToken. You can use that to get a new AccessToken when the first one has expired.
Options:
Test either the expire time to see if its getting close to expireing and get a new one before it expires.
Wait until you get the error that says it has expired. Then request a new AccessToken
Personaly I like to get a new one 5 minutes before my AccessToken expires then I avoid an error from the google servers.
I am a little confused about calculating the time until the access token expires.
I am using server authentication (http://developers.facebook.com/docs/authentication/server-side/).
When I get the authentication code from the Facebook's request to my redirect URL, I send an authentication request back to Facebook and I get the access token along with 'expires' parameters, lately I could see that the expires is a long value that represents the time in seconds until the token expires. For some reason I think it used to be time in miliseconds.
Can I assume that the expiration time is now + expires (in seconds) - it seems to me too long (about ~5109691 seconds) - does it make sense?
Thank you for your help.
Server authenticated access tokens are valid for two months.
The value you are receiving is correct.
Edit:
https://developers.facebook.com/roadmap/offline-access-removal/
Read the 'Server-side OAuth Developers' section.