TechQA.

OCAPI: How to refresh token after expiration?

697 views Asked by At

Trying to use Salesforce OCAPI from an app.

On the JWT Auth documentation: https://documentation.b2c.commercecloud.salesforce.com/DOC2/index.jsp?topic=%2Fcom.demandware.dochelp%2FOCAPI%2Fcurrent%2Fusage%2FJWT.html

A JWT has a lifetime of 30 minutes. Before the token expires, you must exchange it for a new token if you want to extend the total lifetime.

If a registered user opens the app after 31 minutes and the persisted JWT is expired, then how is the way to refresh it without prompting login screen again? (persisting user credentials is out of the question due to security vulnerability)

jwt salesforce demandware salesforce-commerce-cloud
Original Q&A
2

There are 2 answers

1
sholsinger On

As the documentation states, you cannot refresh it if it has expired. You must prompt for the login screen again.

I suggest having your app refresh the token automatically in the background.

0
Kshitij Verma On

You can save exp (the token expiration-time) from payload section in your db, try to check before intiatling new call if its expire then you can use the /customers/auth resource to get new token. You must include the current token in the Authentication:Bearer request header, and specify the customer type as "type":"refresh".

Related Questions in JWT

Related Questions in SALESFORCE

Related Questions in DEMANDWARE

Related Questions in SALESFORCE-COMMERCE-CLOUD

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions