Re: Online App Authentication using OAuth

amit_vickey · ‎03-02-2021

Hi,

I'm trying to create an app that works on online access tokens. As per the docs, when the user clicks the "Install" button, an authorization_code is sent to the redirect_uri, using which access_token can be generated via endpoint /admin/oauth/access_token. This all happens during App installation. Now online access tokens expires as soon as the web session expires(or beyond a certain expiry time). How to re-generate the tokens i.e. if in future same/different user uses the app, what's the endpoint to generate the online access tokens????
What's the validity of the authorization_code?
Also, can I use same refresh_token to re-generate fresh access_token?

amit_vickey · ‎03-03-2021

Once the App is successfully installed (i.e. the access tokens are generated successfully), the token will be at user-level. So after successful app installation, we have access token for one user. What about the access token for other users?
If an un-expired online access token is refreshed/rotated, a new access token is generated, or same access token is returned with an extended validity?
To successfully rotate an expired/un-expired access-token, both new API Secret Key and New Refresh Token is needed?
Any REST API to generate new API Secret Key and/or Refresh Token (whichever is needed to rotate an access-token?

Online App Authentication using OAuth

What is the best way to modify a user's theme current?

Printful personalized design control?

Hmac verification after installing app suddenly stop working

GraphQL Get 3 Products with stock from each collection

API call to update inventory policy

What is the best way to modify a user's theme current?

Re: API is serving deleted/removed order line items.

Printful personalized design control?

Hmac verification after installing app suddenly stop working

Re: Storefront.Buy/Pay iOS/Android SDK