I am developing a desktop app which will interact with box enterprise account.
For the first time when my app will try to access Admin enterprise account it will be redirected to box page . Box finally redirects user to my redirected URL after accepting Admin user credentials. This redirected URL will have a authorization code. which is used to get access and refresh token.
My question is that can i save this authorization code for future use. ??
Say after one month my app again wants to access Admin enterprise account then Do i again need to go through the above steps of getting the auth code.??
Alok, yes, you can save the access and refresh tokens for future use. Some things to note:
- The access token must be included via an Authorization header on every request to the API.
- An access token expires after 1 hour. You can use the refresh token to request a new access/refresh token pair.
- A refresh token expires after
1460 days. If your application needs to perform amonthlyprocess less frequently than that, you'll need to create a scheduled task or chron job to refresh the access/refresh token pair in the interim. With this task/job in place you can refresh the tokens indefinitely. - If both the access and refresh tokens have expired, the user must manually authenticate your application again.
来源:https://stackoverflow.com/questions/16481498/do-i-need-authorization-code-each-time-for-accessing-user-box-account