Posted: 17 Feb 2020 13:15 EST Last activity: 17 Feb 2020 17:22 EST
Always valid OAuth access token
I have a REST API that loads an OAuth Token. This token is used for authorization for many other API calls, so it needs to be always available. The token is only valid for 60 minutes, so I'll need to reload it before the token expires with no down-time. How can i make sure this token is always valid regardless of any short-term API failures?
I thought of that, but if the REST API fails, the token would be invalid for a whole minute. I can't do that as my app is heavily dependent on APIs to run, and users couldn't do anything for that minute on failure. I can't have it down for that long, and I don't think we want to refresh the token every 5-10 seconds. Any other thoughts?