Reputation: 152266
Store and regenerate auth token in serverless environment
I'm creating a AWS Lambda function that talks with API using bearer token.
This token is generated automaticaly with OAuth endpoint and it has 24h of expiration time.
Because of that, I cannot store this token permanently. Asking for new token with each function invocation is also quite pointless.
What would be the most efficient way of dealing with time-limited token with serverless environment?
Upvotes: 2
Views: 1005
Answers (1)
Reputation: 200850
I would store it somewhere outside of the Lambda function, where it can be retrieved by multiple Lambda execution environments. I've used a small DynamoDB table for this in the past, but I think the AWS Secrets Manager is the currently preferred place to store this sort of thing.
In addition to storing the OAuth token, store the timestamp when it was created. Then whenever you go to retrieve the token, right before you use it first check if it is getting close to the 24 hour timeout. If it is about to time out then have your process update it first and push the new token to wherever you are storing it.
Upvotes: 1
Related Questions
- Access token and ID token storage for serverless app
- Maintain session state in AWS Lambda
- AWS lambda serverless website session maintaining
- Aws Lambda - how to persist valid tokens for use with other invocations
- AWS Lambda Functions - Missing Authentication Token
- Authentication and aws lambda function
- AWS lambda basic-authentication without custom authorizer
- Handling "Missing Authentication Token" after setting up AWS Lambda with API Gateway
- Storing the session token in AWS Lambda function?
- Serverless Framework with server-side authentication and Cognito