Solved: Re: Increasing the access token expiry time

bsavarin · ‎12-09-2020

Thanks for your response. I was thinking of the portion where the user first logs in to the app in the settings menu, using the example shown here https://dev.fitbit.com/build/reference/settings-api/, which appears to be the equivalent to the link you provided. At the point when the user signs in, they would get the request access screen and the length of time for the access token. How would I set it in this case below?

<Oauth
  settingsKey="oauth"
  title="Fitbit Login"
  label="Fitbit"
  status="Login"
  authorizeUrl="https://www.fitbit.com/oauth2/authorize"
  requestTokenUrl="https://api.fitbit.com/oauth2/token"
  clientId="11111"
  clientSecret="asdfxxx"
  scope="profile"
  onAccessToken={async (data) => {
    console.log(data);
  }}
/>

Maxim_ · ‎12-15-2020

Hi, if you are using the implicit grant flow the user decides when the token expires. You can just preselected the expire length, but the user can alter it. Although i am not sure how to set a default value in the settings component, I would try to use the documented "expires_in" value that is actually an URL parameter:

https://dev.fitbit.com/build/reference/web-api/oauth2/

expires_in For use with the Implicit Grant Flow only. Pre-select the desired access token lifetime. Defaults to 86400. 86400 for 1 day 604800 for 1 week 2592000 for 30 days 31536000 for 1 year Optional Type: string

Also there is a debug page on the oauth "Manage my apps" website https://dev.fitbit.com/apps

use the link that is called "OAuth 2.0 tutorial page" under the Refresh Token URL of your app.

View best answer in original post

Gordon-C · ‎12-10-2020

Ahh...I'm going to move your post to the Device SDK community to see if anyone there has experience setting the expiration time of the tokens.

Gordon

Gordon Crenshaw
Senior Technical Solutions Consultant
Fitbit Partner Engineering & Web API Support | Google

bsavarin · ‎12-13-2020

Thanks. Would someone be able to help me here please? I'm sure someone has been successful getting the tokens to expire later.

Maxim_ · ‎12-15-2020

Hi, if you are using the implicit grant flow the user decides when the token expires. You can just preselected the expire length, but the user can alter it. Although i am not sure how to set a default value in the settings component, I would try to use the documented "expires_in" value that is actually an URL parameter:

https://dev.fitbit.com/build/reference/web-api/oauth2/

expires_in For use with the Implicit Grant Flow only. Pre-select the desired access token lifetime. Defaults to 86400. 86400 for 1 day 604800 for 1 week 2592000 for 30 days 31536000 for 1 year Optional Type: string

Also there is a debug page on the oauth "Manage my apps" website https://dev.fitbit.com/apps

use the link that is called "OAuth 2.0 tutorial page" under the Refresh Token URL of your app.

bsavarin · ‎12-16-2020

Hi Maxim,

Thanks for this helpful response. I was able to add that portion to the refresh token request URL in the companion. I was not able to confirm if that worked because I had already logged in and I'm no longer getting the authorisation consent page so the log still shows 28800 expiry, but I'm not getting any errors when I use the URL so it must be OK... I think 🙂

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Re: Increasing the access token expiry time

bsavarin

Maxim_

Gordon-C

bsavarin

Maxim_

bsavarin