Forum Discussion

ziedzied's avatar
ziedzied
Copper Contributor
Sep 21, 2022

API Tokens expiration

Hello

We need to retrieve regularly the sentinel incidents using API calls.

API needs a token. The token expires by default after 1 hour... Using a specific policy we can extend it until 1 day which is not enough.

The refresh token may keep it working for 90 days.

Could you advise for best practice to get API calls working for long time?

Thanks

2 Replies

  • chilberto's avatar
    chilberto
    Iron Contributor
    Sep 22, 2022
    Best practice would be not to have long living tokens. Renewing tokens should be built into your API either proactively by refreshing before the token expires or as a reaction to an unauthorized response.

    Many frameworks have this capability built in or has guidance on implementing these patterns.
    • ziedzied's avatar
      ziedzied
      Copper Contributor
      Sep 25, 2022

      Thank you chilberto 

      I didn't find how to create a refresh token. I am asked to enroll to Microsoft Advertising ...

      Is there a way to bypass this subscription ?

       

      Thanks

Resources