Given "User using credentials of type OAuth 2.0", when "the access token is expired", then "get new token automatically"

(I don’t know if this is the correct place to put this concerns of mine, and if the proposed solution is good enough or not)

If I use credentials of type OAuth 2.0 in the Credentials page of OpenFn platform, then I will get accessToken as part of the state.configuration. But, if the accessToken expires, then I would no longer be able to use it for accessing protected resources. (unless I delete the expired Credentials and add new Credentials with the same information, redo all the previous steps for getting the token)

I think it might be best in OpenFn platform use the client_credentials grant type in the Credentials of type OAuth 2.0, then also add mechanism if the time has passed for the same seconds as expiresIn since the token issuance OR if when make HTTP request to API path and the response is telling that the access token is expired, then automatically get new access token by using the same information for getting the access token with client_credentials grant. (maybe put maximum retries of 3 for the getting new token phase, if cannot get new token then abort)

What do you think? Am I understanding them correctly? Is that a good way to approach the issue?

Might be useful references:

Sorry, new users can only put 2 links in a post.


I also have created a GitHub issue in X

Hi Levi,

Great question ! We actually handle for this with OAuth 2.0 credentials - when a request is made, if the token has expired we use the refresh token to get a new and valid one.

However, this logic is handled within our platform - so if you’re using devtools and encountering this issue it is because the logic isn’t there. I’d suggest trying this out in platform, and if you are still encountering issues then do let us know .

@taylordowns2000 could you take a look to confirm whether we handle this logic in Microservice too when you have a moment ?

Hope this helps !