First, the server structure implemented according to ST’s document is as follows.
And when the access_token we provided expires, ST requests data from grant_type of refresh_token, and we provide the refreshed access_token again.
Questions…
Q1. Will refresh_token expire?
Q2. What should I do when refresh_token expires?
Hi, @Sangmin_Kim!
In the case of ST Schema, the refresh token expires until the user deletes the integration from SmartThings, this means when he deletes all the devices that belong to that integration or when he goes to menu > Linked services and deletes it from there.
There’s another case where it can expire but it shouldn’t happen: when the user needs to log in again, this is only if you close the session in your Cloud but it can cause the devices to become offline as well so, it is not recommended.
You can verify the refresh_token doesn’t change when you get a new Access Token, the refresh_token value provided in the response should be the same every time.
Thank you for your answer !
Should I think that refresh_token in ST does not expire by time?
Correct, it is static since the grantCallbackAccess/accessTokenRequest interaction is triggered. The team mentioned these other scenarios:
requestGrantCallbackAccess parameter in the discoveryResponse with a value of true. However, this is not suggested unless you can’t refresh the callbackAccessToken using the existing refreshToken.