Cron job Refresh Token

Here is what im doing:
1- Manually authenticate my IS platform to give tokens to OAuth app.
2- I store retrieved details to DB (the return field contains expiry date/time, i store this along the date/time at which tokens are generate)
3- created another file which retrieves token generation date/time and refresh token from DB which was stored in step2 and posts refresh token and other required parameters to IS when 20 hours passed from initial token generation date/time, i run cron command every hour to this file to check 20 hours passed or not, if passed it posts requests to IS.
4- IS post back new tokens with expiration time remaining (its 24 hours at the time of generation) of new token, i add this remaining time to current time when these token were generated and overwrite both in DB

I hope this helps in explaining how i manage to do this and working fine for me. Im having issue using this in PHP code given above.

Umm… From my experience if things are setup right there is no need for a cron job at all. Just refresh the access token when the code is used using the refresh token and update database… You can only use refresh token once… Then u get a new one and u can use that once… Etc. This may help? Sample PHP Project with OAuth


@Jacob_Kerr that’s also a good strategy

@pagedesigner thanks My Refresh token probem is resolved.

1 Like

There are situations where the inline refresh doesn’t work if you can’t/don’t synchronize the call to do the token refresh. Some people find the cron is easy to implement over synchronizing your refresh. I prefer the synchronized refresh personally.

@TomScott Is refreshing the Refresh Token once a month a requirement? I’m already using the “try catch” method you suggest and refresh when needed using refreshAccessToken(). My app ends up running refreshAccessToken() about once a day. Is that sufficient or is there another method I need to be executing?

Refresh Tokens have a six-month lifetime, which means that if you have a user account that is not used within that window, it will lapse. Doing a cron-based refresh on each token inside that window prevents the authentication from expiring and having to require a re-authorize by the user.

its interessting, because i get the same field back:


endOfLife = 1530298678 its a date? or seconds when ended, no documentation found about returning data.

i am using php-sdk, but i found no information how to interpret this field.

$tokenInfo = $client->request('POST', $this->tokenUri, [
        'body'    => http_build_query($params),
        'headers' => ['Content-Type' => 'application/x-www-form-urlencoded']

any infomation?

The OAuth Spec spcifies the expires_in field returned in the token response is the duration of seconds. I would need to look at the php-sdk to see how that endOfLife is calculated exactly. From the looks of the number though it looks like epoch of when it expires.

1 Like

ok, i’ve got this information from source code:

if (isset($data['expires_in']))
		$this->setEndOfLife(time() + $data['expires_in']);

so the endoflife is the datetime when token expires.

i have some questions on the refreshToken?

in which time the refreshToken is valid? Can i use it, when the accesToken is expired, e.g. for 3 days? Or do i need a new requestAccessToken? Or do i need a complete new authorization process?

When using refreshToken, i get a complete new Token Object back, right? So i have to update my DB-Object.

I’m asking because i get en exception trying refreshToken before expiring, so i am asking mysels, what happens when a cron job is throwing 23 hours exceptions an in the worst case, all other request, may ca not be executed for e.g. 58 minute, waiting for the next cronjob updating token.

So why not refreshing it when a request need a new token? performance, …?

Refresh Tokens are good for 6 months and are single user. When you use a refresh to get a new access token then a brand new refresh token will be issued and the previous one will be invalidated. I am not exactly sure what you are saying that the refresh token fails until it expires. Please follow up if my answer is not sufficient.