DEVHIDE
Login Or Sign up

How to get new refresh token after 2 weeks are passed without redirecting user using Upwork API?

633 Views Asked by At

I'm developing app that is going to be run on a headless server. To launch it I need to possess access and refresh tokens that is done by following request https://developers.upwork.com/?lang=python#authentication_access-token-request. I'm using python, so my request looks like:

import upwork

config = upwork.Config(
        {
            "client_id": <my_client_id>,
            "client_secret": <my_client_secret>,
            "redirect_uri": <my_redirect_uri>
        }
    )

client = upwork.Client(config)

try:
    config.token
except AttributeError:
    authorization_url, state = client.get_authorization_url()
    # cover "state" flow if needed
    authz_code = input(
        "Please enter the full callback URL you get "
        "following this link:\n{0}\n\n> ".format(authorization_url)
    )

    print("Retrieving access and refresh tokens.... ")
    token = client.get_access_token(authz_code)

As a result token object looks like:

{
    "access_token": <access_token>,
    "refresh_token": <refresh_token>,
    "token_type": "Bearer",
    "expires_in": 86400
}

Given access_token and refresh_token I put them to my program and it is successfully launched. To keep continuous access to Upwork API I need to have valid access_token which expires every 24 hours, so I renew it with refresh_token. But the problem is than last one's lifespan is 2 weeks and when it's gone I can't use it to refresh access token, so need to get new one. In the documentation I haven't found how to do so and it seems that the only way is to go through the whole process of obtaining tokens pair again as described above, but that's not an option for me because as I said I want to deploy an application on a headless server without ability to redirect user. I need the way to get tokens pair every 2 weeks without manual intervention

Expecting:

Find a way to refresh refresh_token without redirecting user and manual intervention at all

python upwork-api
Original Q&A
2

There are 2 best solutions below

5
On

you can set a timer, that is going to call refresh-token a moment before it expires. This is one way to do it. But maybe someone will come up with a better idea. I've seen people doing this with access token, which wasn't a good practice in that case. But you have a different situation.

0
On

@sviddo, if there is no activity for 2 weeks, the authentication is required, involving the user manual login. It's a security requirement.

The other thing is that a refresh token is valid for 14 days, and its TTL automatically extended when refresh is performed. If it's not the case, please, contact Support Team at Upwork

Related Questions in PYTHON

Related Questions in UPWORK-API

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.