oAuth Tokens Expire or not?


#1

Having (re)searched this topic I am no more the wiser on this topic. Do these tokens expire/reset/etc within a very noticeable time frame??? The reason for my question is I am about to implement a whole new external scheduling procedures which, with my current setup, would be a nightmare to maintain if I need to fix each https://graph.api.smartthings.com/api/smartapps/installations… URL each time I have to reset these tokens.


(Jim Anderson) #2

Tokens created through the OAuth install flow or with createAccessToken() are long-lived currently (50 years). Work is underway to support much shorter-lived tokens and refresh token support. So at some point, you will definitely need to handle expiring tokens and use the refresh token to get a new token.


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #3

I highly recommend you abstract the connection layer… At least put the URI into a variable!

Even better… Don’t write your scheduler, but instead participate in the External “Schedule Driver” specifications already under discussion…


#4

As you know, I am using EventGhost in the interim for all my scheduling. It is easy for me to dynamically change all the url’s used by simply modifying the tokens in one spot. The “problem” is how I implemented my endpoint app. For each group of device(s) there is one instance of the app and one set of unique tokens. So… If I have 6 groups I have 6 sets of tokens. Not that big of a deal to rewrite but I still will still have the manual step to update the tokens, albeit only one place, each time it changes.

When the tokens expire, will there be a warning before or will the app simply stop working???


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #5

Why put the Devices into groups? Isn’t one instance of the SmartApp best? Just wondering…


#6

Exactly… Hence my “problem” which I have just now “fixed” :laughing: