QuickBook Online Reconnect & expire Issue - intuit-partner-platform

After reading the document of QuickBooks Online API, I have some questions.
1. In order to authorize in QuickBooks Online, I implement ConnectToQuickButton. When I click this button, I get access token & access token secret & save in database. I also get 180 days expire limit. If I don't hide ConnectToQuickButton and press the button again after 50 days, I get new access token & access token secret. Is my 180 days limit initialized newly?
2. Does the above scenario work after 150 days, i.e. on the 151st day? Does the ConnectToQuickButton button work on the 151st day, or do I have to use the Reconnect API?
3. On the 181st day, Reconnect will not work; does ConnectToQuickButton work? Or do I have to go through the QuickBooks flow, i.e. Signup, Create an app?
4. I access QuickBooks Online data by creating an instance of DataServices. If access token and access token has expired, what exception (ServiceException, SecurityException etc.) do I catch to see that tokens have expired?
Please let me know...
sabbir

Please refer - https://developer.intuit.com/docs/0025_quickbooksapi/0010_getting_started/0020_connect/0010_from_within_your_app
Re 1
Yes, you get a new set of tokens and those are valid for next 180 days.
Re 2
You should call Reconnect (this is mentioned in docs too). But C2QB will work as well.
From docs - Wait 151 days (this is now within 30 days of token expiration), call the Reconnect API to get a new token.
Re 3. On the 181st day, Reconnect will not work; does ConnectToQuickButton work? Or do I have to go through the QuickBooks flow, i.e. Signup, Create an app?
C2QB works in all scenarios. If you generate new accesstoken and accessSecret then old tokens get invalidated. New tokens will work fine.
Re 4. I access QuickBooks Online data by creating an instance of DataServices. If access token and access token has expired, what exception (ServiceException, SecurityException etc.) do I catch to see that tokens have expired?
You'll get 401 Authentication error.
Reconnect API ref
https://developer.intuit.com/docs/0025_quickbooksapi/0053_auth_auth/oauth_management_api#Reconnect
Thanks

Related

Is it possible to manage sessions duration with IdentityPlatform/FirebaseAuth custom tokens?

I'm working on a project that has the following requirement: Sessions should never last more than 90 days.
I'm also using Firestore, and by extension to authenticate users, Firebase Auth. I want to give access to Firestore to my android and ios clients, for 90 days maximum. After that duration the session should automatically expire.
I initially thought custom tokens were the solution, because I thought they were just a different term for ID tokens. But in reality they can be used to get a refresh token that never expires.
I therefore thought about managing the refresh tokens myself, by:
1. issuing my own refresh tokens
2. verifying their validity
3. creating a new custom token
4. exchanging the custom token for an ID token and refresh token on the back end
5. only returning the ID token to the client
6. the client would give it to Firestore.
I don't mind managing expiration and renewing the ID token myself on my back end.
Now my problem is that when I look at the official SDKs for firestore on Android and SDKs, none seem to allow for just attaching an id token to requests?
Is there a solution to my issue? Or maybe even a better approach?
Thanks!

Why is my app-console-generated access token expiring?

Using the App Console, I am generating an Access Token for use by my java application.
Why is my access token expiring? It worked yesterday but today I get the below error.
How do I get a permanent token for my application to use? (Usage is similar to a "Google Service Account" that generates a permanent token.)
Exception:
InvalidAccessTokenException
{
"error_summary": "expired_access_token/...",
"error": {
".tag": "expired_access_token"
}
}
UPDATE 2022 12 02:
Thanks for the below information and links. After about 5 hours of working on wrapping my brain around the concepts and the example code, I finally got something working by doing the following:
(1) Using the example code and manual process at https://github.com/dropbox/dropbox-sdk-java/blob/main/examples/examples/src/main/java/com/dropbox/core/examples/authorize/ShortLiveTokenAuthorize.java I obtained an auth code.
(2) I then wrote java code to post the auth code to the https://api.dropbox.com/oauth2/token end point and receive tokens including the refresh token.
(3) I then wrote code to post the refresh token to the same end point to receive an access token.
It appears I can hold on to the refresh token and repeat step 3 to get access tokens each time.
HOWEVER, I must be missing something here.
This is WAY too much extra work that should be done either by the App Console and/or the SDK.
Also, it seems to me that a “Client Credentials Flow” should be available in the API and SDK.
Your thoughts?
Dropbox is in the process of switching to only issuing short-lived access tokens (and optional refresh tokens) instead of long-lived access tokens. You can find more information on this migration here.
Apps can still get long-term access by requesting "offline" access though, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in the OAuth Guide and authorization documentation.
The official Dropbox Java SDK can actually handle the process for you automatically, as long as you supply the necessary credentials, e.g., as shown retrieved in the examples here.

OCAPI: How to refresh token after expiration?

Trying to use Salesforce OCAPI from an app.
On the JWT Auth documentation: https://documentation.b2c.commercecloud.salesforce.com/DOC2/index.jsp?topic=%2Fcom.demandware.dochelp%2FOCAPI%2Fcurrent%2Fusage%2FJWT.html
A JWT has a lifetime of 30 minutes. Before the token expires, you must exchange it for a new token if you want to extend the total lifetime.
If a registered user opens the app after 31 minutes and the persisted JWT is expired, then what is the way to refresh it without prompting the login screen again? (Persisting user credentials is out of the question due to security vulnerability.)
As the documentation states, you cannot refresh it if it has expired. You must prompt for the login screen again.
I suggest having your app refresh the token automatically in the background.
You can save exp (the token expiration time) from the payload section in your DB and check it before initiating a new call; if it's expired, then you can use the /customers/auth resource to get a new token. You must include the current token in the Authentication:Bearer request header, and specify the customer type as "type":"refresh".

Digital board for meeting rooms - Office 365 - OAuth2 - Token life that never expire

I'm working on a digital board for meeting rooms. Every board, set outside the door of the meeting room, displays if it's occupied or not and the following meetings, according to its calendar.
I followed this tutorial to create a JavaScript single-page app.
The problem is that after a while (less than 1 hour) I have to do the log-in again. I'm really struggling to find a solution to avoid it at all or reduce this frequency as much as possible.
Looking around, it seems that working on the life of the token is the answer. Refresh it or, even better, set it so that it never expires (until-revoked).
I've tried with PowerShell, following this guide but it doesn't work for the v2.0.
Azure AD does not support infinite lifetime Access Tokens. The hard limit for an Access Token lifetime is 1 hour.
However, Azure AD does support infinite chaining of the refresh token for new access tokens. When you modify the configurable token lifetime property and set it to until-revoked you are really doing this for the refresh token.
You must make sure you have proper logic in your code that tracks the expiration time of the access token, and requests for a new access token using the refresh token when the old token expires.

Google Drive SDK - token expiration time, could it be extended?

Is there a way to get a longer token expiration time, or some kind of "permanent" token for a client application (similarly as in Dropbox APIs)?
Since there seem to be problems with resumable upload to Google Drive when the token expires, could this help in this situation?
Or is there just a way to define the token validity time to be bigger than 1 hour?
br. Jarno
No, accessTokens are only good for 1 hour. But you have a refreshToken that was returned along with your accessToken. You can use that to get a new AccessToken when the first one has expired.
Options:
Either test the expire time to see if it's getting close to expiring and get a new one before it expires.
Or wait until you get the error that says it has expired, then request a new AccessToken.
Personally I like to get a new one 5 minutes before my AccessToken expires; then I avoid an error from the Google servers.
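
The renewal patterns discussed in the answers above (renew inside a window before expiry, fall back to a renewal on a 401, and force re-authorization once a token can no longer be renewed), sketched as an added example that is not part of any of the original posts or of any vendor SDK. `Token`, `TokenManager`, `renew` and `demo_states` are hypothetical names; `renew` stands in for whatever renewal call the provider offers, and the window sizes are parameters taken from the figures quoted in the posts.

```python
import time
from dataclasses import dataclass
from typing import Optional
DAY = 86400  # seconds

class ReauthorizationRequired(Exception):
    """Renewal is impossible; the user must go through authorization again."""

@dataclass
class Token:
    value: str
    expires_at: float                 # epoch seconds
    renewable_until: Optional[float]  # None: separate refresh token, valid until revoked

class TokenManager:
    """renew is a hypothetical callable (old Token -> new Token) wrapping the provider call."""
    def __init__(self, token, renew, margin, clock=time.time):
        self.token, self.renew, self.margin, self.clock = token, renew, margin, clock

    def state(self) -> str:
        now, t = self.clock(), self.token
        if t.renewable_until is not None and now >= t.renewable_until:
            return "reauthorize"      # e.g. an expired JWT, or day 181 of a 180-day token
        if now >= t.expires_at - self.margin:
            return "renew"            # inside the renewal window
        return "valid"

    def access_token(self) -> str:
        state = self.state()
        if state == "reauthorize":
            raise ReauthorizationRequired("token expired and cannot be renewed")
        if state == "renew":
            self.token = self.renew(self.token)   # proactive renewal before expiry
        return self.token.value

    def call(self, api) -> int:
        """api(token) returns an HTTP status; a 401 triggers one renewal and one retry."""
        status = api(self.access_token())
        if status == 401:                         # reactive path: server rejected the token
            self.token = self.renew(self.token)
            status = api(self.token.value)
            if status == 401:
                raise ReauthorizationRequired("renewed token was rejected")
        return status

def demo_states(days=(50, 151, 181)):
    """Constructed sample: 180-day token with a 30-day renewal window, checked on given days."""
    tok = Token("sample", 180 * DAY, 180 * DAY)
    return [TokenManager(tok, None, 30 * DAY, clock=lambda d=d: d * DAY).state() for d in days]
```

For a one-hour access token with a refresh token, construct the manager with `renewable_until=None` and `margin=300` to get the five-minute early renewal described in the last answer.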