0

I tried to add YouTube Video from the third party and After one day, I got the success in doing so. But While uploading a video the access token is required and in order to get that access token the user must be logged in. And the expiration time for that access token is 3600 seconds( 1 hr).

Now, There are some of my questions regarding this.

  1. Is there anyway, by which I can refresh access token.
  2. If some one has G Suite account, then Is there any special values for expiration time, or it remains the same?
  3. As per the documentation, I can have maximum 50 tokens, So is there any alternative for it, So that I can get valid token after 50 requests.
technicalbird
  • 39
  • 8

1 Answers1

0

To answer your question for number 1, you can check the documentation here.

Access tokens periodically expire. You can refresh an access token without prompting the user for permission (including when the user is not present) if you requested offline access to the scopes associated with the token.

  • If you use a Google API Client Library, the client object refreshes the access token as needed as long as you configure that object for offline access.
  • If you are not using a client library, you need to set the access_type HTTP query parameter to offline when redirecting the user to Google's OAuth 2.0 server. In that case, Google's authorization server returns a refresh token when you exchange an authorization code for an access token. Then, if the access token expires (or at any other time), you can use a refresh token to obtain a new access token.

Requesting offline access is a requirement for any application that needs to access a Google API when the user is not present. For example, an app that performs backup services or executes actions at predetermined times needs to be able to refresh its access token when the user is not present. The default style of access is called online.

About the G Suite account, it was stated 24 Hours in the documentation. Note:

In this SO post answer, the function of Access Token and Refresh Token was discussed.

I am not sure if there are ways to alter the limits because of security reasons.

To clearly differentiate these two tokens and avoid getting mixed up, here are their functions given in The OAuth 2.0 Authorization Framework:

  • Access Tokens are issued to third-party clients by an authorization server with the approval of the resource owner. The client uses the access token to access the protected resources hosted by the resource server.
  • Refresh Tokens are credentials used to obtain access tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires, or to obtain additional access tokens with identical or narrower scope.
Community
  • 1
  • 1
MαπμQμαπkγVπ.0
  • 5,887
  • 1
  • 27
  • 65
  • Thanks for the answer @MαπμQμαπkγVπ.0. Can you give an idea about timing in case of server login for G Suite. The described link in the answer gives the answer for client login authentication time. – technicalbird Sep 07 '17 at 11:41