Reputation: 16354
Since using the refresh token gives you a new pair of tokens, what is the advantage of doing a refresh versus just obtaining a new Auth token? For example:
Why not just get a new access token each time?
If I am doing everything within my own server / within my own code, is there any benefit to refreshing? Or is it as good to obtain a new token every hour?
I get the gist of the refresh in some circumstances, but when it's all in my control, is a refresh token necessary?
Upvotes: 1
Views: 151
Reputation: 13069
The advantage lies in the ease of obtaining an access token.
Think about the authorization code flow. If you do not get a refresh token, the client application has to trigger a new authorization code flow to retrieve a new access token. This includes end user interactions for user grants (end user login, in simple terms). For some applications, such a re-login is not a desired feature. For them, having a refresh token is a very desirable feature.
So when you design your application, if you don't want your end users to provide their credentials every time the client application wants an access token, then you should use a refresh token. But if this is not the case and you have other ways to complete the process of obtaining an access token, then it's rather a design decision.
Upvotes: 1
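The trade-off in the answer above, as an added example that is not part of the original thread: a client-side token cache that reuses a valid access token, renews it with the `refresh_token` grant, and only falls back to a full authorization code flow (user login) when the refresh token is rejected. `FakeTokenEndpoint`, `TokenManager`, the `login` callback and all token values are hypothetical and constructed so the example runs offline.

```python
import time

class FakeTokenEndpoint:
    """Constructed in-memory stand-in for an OAuth 2.0 token endpoint."""
    def __init__(self):
        self.issued, self.live_refresh = 0, set()

    def _issue(self):
        self.issued += 1
        rt = f"rt-{self.issued}"
        self.live_refresh.add(rt)
        return {"access_token": f"at-{self.issued}", "token_type": "Bearer",
                "expires_in": 3600, "refresh_token": rt}

    def post(self, form):  # client authentication and redirect_uri omitted for brevity
        if form["grant_type"] == "authorization_code":
            return self._issue()
        if form["grant_type"] == "refresh_token":
            if form["refresh_token"] not in self.live_refresh:
                return {"error": "invalid_grant"}
            self.live_refresh.discard(form["refresh_token"])  # rotation: single use
            return self._issue()
        return {"error": "unsupported_grant_type"}

class TokenManager:
    """Hypothetical client-side cache: reuse, then refresh, then full re-login."""
    def __init__(self, post, login, skew=30, clock=time.time):
        self.post, self.login, self.skew, self.clock = post, login, skew, clock
        self.access, self.refresh, self.expires_at, self.logins = None, None, 0.0, 0

    def _store(self, resp):
        self.access = resp["access_token"]
        self.expires_at = self.clock() + resp["expires_in"]
        # Keep the newest refresh token; a rotated-out one no longer works.
        self.refresh = resp.get("refresh_token", self.refresh)
        return self.access

    def get(self):
        if self.access and self.clock() < self.expires_at - self.skew:
            return self.access                      # still valid, no network call
        if self.refresh:
            resp = self.post({"grant_type": "refresh_token",
                              "refresh_token": self.refresh})
            if "error" not in resp:
                return self._store(resp)            # renewed without the user
            self.refresh = None                     # revoked or expired
        self.logins += 1                            # user interaction required
        code = self.login()
        return self._store(self.post({"grant_type": "authorization_code", "code": code}))
```

The `logins` counter is the cost the answer describes: it only increases when no usable refresh token is available.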