Abdullah_Elsheikh | 2019-10-14 12:35:25 UTC | #1
Hi All,
We're using PureCloud SDK to consume some PureCloud APIs in order to integrate with another system also we use client credential type of authentication, we get the client id and the client secret in order to initiate the access token to consume the APIs.
Is there any API to send to it the client id and the client secret to get a new client secret as the client secret is ended after 48 hours (as mentions in the Security page that token duration from 5 min to 48 hr).
We will make a request every 15 minutes using the client id and the client secret, in this case, the token will be expired or not?
So our question in brief that we need to use API with permanent security token without need to go to PureCloud and generate client secret manually every two days.
I found this old post but if there any other updates https://developer.mypurecloud.com/forum/t/refresh-authorization-token/3404
Thanks in advance Abdullah
Becky_Powell | 2019-10-14 13:58:36 UTC | #2
Hi Abdullah,
Please note that it's the token that expires at the end of its specified duration.
You can make a POST call to https://login.mypurecloud.com/oauth/token to obtain a new access token.
Here is a tutorial that you might find helpful: OAuth Client Credentials Login Flow.
Additionally, here are some docs from our Developer Center that might help you:
Please let us know if you have any further questions!
Abdullah_Elsheikh | 2019-10-14 15:10:42 UTC | #3
Hi Becky,
Thanks for your reply. Yes i know that the token will expire after 48 but in my case i generated the client secret from client credential method of authentication from Friday night and till now it's working! Also it doesn't make sense to go to the login page again to get a new access token as we are using the client id and the client secret to consume some PureCloud APIs using a background service. so we need to know the best way that we use to consume the PureCloud APIs from a background service.
Note: that we are using now PureCloud SDK for .net with asp mvc core.
Thanks in advance
tim.smith | 2019-10-14 19:30:50 UTC | #4
A well-formed application will identify when it encounters a 401 response and will automatically initiate its process to obtain a new auth token. Getting a new token after one has expired is exactly the same process as obtaining a token the first time; there is no concept of a refresh token in PureCloud.
Services without a user interface should authenticate using client credentials. The .NET SDK has a helper method for this: https://developer.mypurecloud.com/api/rest/client-libraries/dotnet/index.html#client_credentials_grant
If your service is a web server where users are using your application, you should implement the auth code grant for users to authorize the application. There's a tutorial for ASP.NET here: https://developer.mypurecloud.com/api/tutorials/oauth-auth-code/index.html?language=csharp&step=1
system | 2019-11-14 19:29:29 UTC | #5
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 6242