thephpleague / oauth2-server

A spec compliant, secure by default PHP OAuth 2.0 Server
https://oauth2.thephpleague.com
MIT License

Zapier not refreshing token #1319

Closed ignacionelson closed 1 year ago

ignacionelson commented 1 year ago

Hello! I'm trying to implement Zapier as a client for a PHP Slim app. Everything seems to be working great (even authorization, returning the correct data on custom endpoints) but the token expires after an hour and after that, Zapier requires me to re-authorize the app, including opening the scopes window. By following the documentation, it seems that both routes (request access token and refresh) seem to be the same, so I've pointed both settings to the same route. Am I missing something here? Thank you for your help!

ignacionelson commented 1 year ago

By the way, I'm using authorization code and I've followed this example: https://oauth2.thephpleague.com/authorization-server/auth-code-grant/ as well as https://oauth2.thephpleague.com/authorization-server/refresh-token-grant/

Sephster commented 1 year ago

You can set the length that the token is valid for. On the AuthorizationServer, the function enableGrantType has a second parameter that lets you set the token time to live. If you leave this blank, it defaults to an hour which should help somewhat.

I don't think you should be prompted to confirm scopes when using a refresh token though. Is the grant type set to 'refresh_token' when using the refresh token?
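The setup described in the comment above, as an added example that is not part of the thread or the project's documentation: both grants are enabled on one server with an explicit access token TTL, and the shared token route passes the library's OAuth error back to the client so a failing refresh request shows its error code. The function names `buildAuthorizationServer` and `tokenRoute`, the TTL values, and the repository arguments (your own implementations of the library's interfaces) are assumptions.

```php
<?php
// Added example; function names and TTL values are assumptions, not from the thread.
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\{AuthCodeGrant, RefreshTokenGrant};
use League\OAuth2\Server\Repositories\{
    AccessTokenRepositoryInterface, AuthCodeRepositoryInterface, ClientRepositoryInterface,
    RefreshTokenRepositoryInterface, ScopeRepositoryInterface
};
use Psr\Http\Message\{ResponseInterface, ServerRequestInterface};

function buildAuthorizationServer(
    ClientRepositoryInterface $clients,
    AccessTokenRepositoryInterface $accessTokens,
    ScopeRepositoryInterface $scopes,
    AuthCodeRepositoryInterface $authCodes,
    RefreshTokenRepositoryInterface $refreshTokens,
    string $privateKeyPath,
    string $encryptionKey
): AuthorizationServer {
    $server = new AuthorizationServer($clients, $accessTokens, $scopes, $privateKeyPath, $encryptionKey);
    $accessTtl = new DateInterval('PT1H');  // second argument of enableGrantType()
    $refreshTtl = new DateInterval('P1M');

    // Authorization code grant: issues the first access token and refresh token.
    $authCode = new AuthCodeGrant($authCodes, $refreshTokens, new DateInterval('PT10M'));
    $authCode->setRefreshTokenTTL($refreshTtl);
    $server->enableGrantType($authCode, $accessTtl);

    // Refresh token grant: has to be enabled too, or the server rejects
    // grant_type=refresh_token requests on the token route.
    $refresh = new RefreshTokenGrant($refreshTokens);
    $refresh->setRefreshTokenTTL($refreshTtl);
    $server->enableGrantType($refresh, $accessTtl);

    return $server;
}

// One token route serves both grants; the POSTed grant_type selects which one runs.
function tokenRoute(
    AuthorizationServer $server,
    ServerRequestInterface $request,
    ResponseInterface $response
): ResponseInterface {
    try {
        return $server->respondToAccessTokenRequest($request, $response);
    } catch (OAuthServerException $e) {
        // Returns the OAuth error JSON (error code and description) to the client.
        return $e->generateHttpResponse($response);
    }
}
```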

ignacionelson commented 1 year ago

Thank you for your answer. I ended up with very lived tokens. Regarding this: "Is the grant type set to 'refresh_token' when using the refresh token?", indeed, it's set up that way. I don't understand why the app does not respond with a new token but I'll investigate a little more.

Sephster commented 1 year ago

Did you have any further luck with this? I can take a further look if not or will close the issue if already resolved. Thanks.

ignacionelson commented 1 year ago

Sorry for not responding! As a temp fix, I ended up setting a long lived token, since the refresh one didn't work for me. I don't know where I failed but locally with Postman I had the same issue.

Sephster commented 1 year ago

Thanks for the reply. If you would like to investigate why this was failing further, please do shout and I will reopen this ticket. Glad it is solved for you in the short term.