Can an access token be used to obtain a new access token, or must you use a refresh token? Currently my oauth provider isn't providing a refresh token so I am trying to understand the capability, as I don't want to repass user/pw to provider after initial bearer token request.
oauth access token to get new access token
173 Views Asked by rismoney At
1
There are 1 best solutions below
Related Questions in OAUTH
- Using html5 localstorage instead of cookies with passport.js
- OAuth integration with QuickBooks using Scribe
- OAuth with Developer tokens
- Oauth in Tyrus WebSocket
- Accessing Picasa Web API using PHP
- how can I access user details through "oauth_token" from twitter api in ionic framework
- Is my JWT refresh plan secure?
- When to refresh token?
- SignalR oAuth on self host
- Bearer token in MVC controller to access Web API
- OAuthorization through app or web api
- Authenticating mobile app login using webservice using oauth connection
- Testing local rails application with OAuth
- Configure the authorization server endpoint
- Azure Active Directory Login: Web App Permissions, User Consent not triggered
Related Questions in ACCESS-TOKEN
- chrome.identity.getAuthToken and refresh token?
- How can restrict the use of Issued access token of one machine in another machine
- Trying to connect rails app to trello APi
- how to check access token validity in django oauth toolkit?
- Substitute access token in Hybridauth
- Java SDK Authentication with VersionOne Access Tokens
- Get user access token with permission via php with FB sdk 3.2
- Only allow my clients to access my webservice
- Outlook API: getting access-token from front-end, how can i use it in web API backend to get Outlook messages
- Can Outh2.0 access_tokens be compromised?
- Api Token is missing in laravel 4.2 api
- Implementing SSO using OpenID Connect and usage of tokens
- Can you reuse a Google service account access token?
- Azure AD ADAL in MVC Application - Token Expiration
- No route matches [POST] "/knock/user_token"
Related Questions in REFRESH-TOKEN
- When renewing id_token via refresh_token in Auth0, jti (JWT ID) not in new id_token
- connection:willSendRequestForAuthenticationChallenge: AFNetworking 3.0
- Is it safe to send the result of AuthenticationTokenCreateContext.SerializeTicket to the client?
- how to get/generate a Paypal refresh_token
- How to silently refresh expired JWT token with OAuth2?
- Unable to locate the refresh token with Microsoft Graph
- oauth access token to get new access token
- Refresh token in spotify android sdk?
- Spring Boot and OAuth2 client refresh token grant
- Should you replace your refresh token after getting a new one for Microsoft Grpah API
- Refreshing Google Id_token received via firebase google authentication
- Refresh Bearer Token
- Angular + Spring boot Jwt refresh token feature
- Sign In With Apple refresh token validation only access token returned
- Since couple of days Refresh token has been automatically expired
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I don't believe there is a possible way to get an access token without using a non-blacklisted refresh token. This is by design, since we don't want access tokens to be used for something they were not granted for. Ideally you would have saved a refresh token to get a new access token. Of course if the refresh token is expired or explicitly blacklisted by the server, you need to acquire a new one.
I found this helpful article here on it:
https://auth0.com/learn/refresh-tokens/