OAuth 2.0 access_token renewable

235 views Asked by At

I have an iOS application which connects to different APIs such as the Instagram, Facebook and Twitter API's.

I thing you need to do when authenticating via OAuth 2.0 is to get a access_token, which I have.

I just have one question, when do I renew it? I have read online that it will last a long time but still needs renewing..... Well.... how long is the time period for renewing?

Or do I renew it on every API call I make, for example when I want to GET the JSON feed of a Instagram or Twitter user, do I need to review the access_token first?

And how about when I want to do a POST to a service such as Twitter. Do I need to renew the access_token before I can do a POST??

Thanks for your time, Dan.

1

There are 1 answers

3
charles On BEST ANSWER

Renewing your Oauth token on every API request is time-expensive and too many frequent token requests could result in your application's token becoming revoked. Reference

Instead of trying to avoid sending a request with an invalid token, you should consider implementing a callback or interceptor which would check if the response contains an error code and then appropriately handle the error (display an error message or automatically redirect to request for authentication). The callback/interceptor pattern allows this error checking to be triggered automatically when each request has completed.