Access Token Expiration

sgbitsgbit Posts: 2Partner
Hello,

Do you know how long an access token will be valid for once expiration is enabled in February?

Regards,
sgbit

12 comments

  • Michael CareyMichael Carey Posts: 61Administrator, Lightspeed Staff moderator
    edited October 2017
    Hi,

    It looks like the expiry time will be 15 minutes.

    Thanks,
    Post edited by jamesratcliffe on
    Michael Carey

    Product Manager
    Lightspeed HQ
  • artgrphartgrph Posts: 7Partner partner
    When I received my tokens through Oauth, I don't believe I got a refresh token. This was months ago now, how do I get refresh tokens for all my access tokens?
  • Michael CareyMichael Carey Posts: 61Administrator, Lightspeed Staff moderator
    Hi,

    We're still discussing how this will be handled with development. Currently, the only way to get a refresh token is to have the customer reauthorize your OAuth client. We will update you if a new method is introduced to allow developers to get a refresh token from an existing access token.

    Thanks.
    Michael Carey

    Product Manager
    Lightspeed HQ
  • Michael CareyMichael Carey Posts: 61Administrator, Lightspeed Staff moderator
    Hello,

    I just wanted to follow up on this post. The only method available for getting a refresh token would be to have the customer reauthorize.

    We will begin expiring access tokens on August 1st, 2017, so you should have your customers reauthorize your integration beforehand and securely store the refresh token for later use.

    Thanks
    Michael Carey

    Product Manager
    Lightspeed HQ
  • maurisourcemaurisource Posts: 14Partner partner
    Hi, just wanted to clarify; To this date, expiry token is 60 minutes. Not 15 minutes as previously mentioned
    Manesh Sonah < Magento Solution Specialist />
    https://maurisource.com / [email protected]
    Magento 1 | Magento 2 integration with Lightspeed Retail


  • Michael CareyMichael Carey Posts: 61Administrator, Lightspeed Staff moderator
    Hi Manesh,

    That's right, the expiry time is currently 60 minutes (or 3600 seconds).

    Thanks,
    Michael Carey

    Product Manager
    Lightspeed HQ
  • AsaiGopiAsaiGopi Posts: 6Member
    Is there any update to refresh the access token once it expires. Still unable to get the new access token. To do it I have to re-authorize the customer for temporary token afterward using it I have to generate the access token. 
  • jamesratcliffejamesratcliffe Posts: 160Administrator, Lightspeed Staff moderator
    @AsaiGopi Are you getting an error when you try to refresh? We don't currently have any known issues with the refresh token flow.
    James Ratcliffe
    API Integrations Specialist
    Lightspeed HQ
  • AsaiGopiAsaiGopi Posts: 6Member
    Hi James--- I'm getting the below error. I attached the image for your review.

    "error": "invalid_request",
    "error_description": "The grant type was not specified in the request"

  • AsaiGopiAsaiGopi Posts: 6Member
    I got the solution. We have getting RefreshToken along with while we get AccessToken. Using this RefreshToken we will get the new AccessToken.
  • jamesratcliffejamesratcliffe Posts: 160Administrator, Lightspeed Staff moderator
    edited June 2018
    In case anyone is wondering, the problem in @AsaiGopi's screenshot above is that they were sending the data as headers. It has to be in the POST body using the Content-Type 'multipart/form-data'.
    James Ratcliffe
    API Integrations Specialist
    Lightspeed HQ
Sign In or Register to comment.