I have a spring-boot application with some secure REST APIs which can be accessed only with a valid JWT in 'Authorization' header. Thing is that JWT expires after a specified amount of time. But suppose I have a script that will hit one of the secure REST API and save some information into database. Now I will run the script for indefinite time. In this case after the JWT expires all the request fails. How to handle this situation?
Asked
Active
Viewed 4,884 times
2
-
1this can be solved with refresh tokens. If the access token is expired, obtain a new by sending the refresh token. – jps Mar 21 '18 at 16:49
-
can you provide any code sample? – MrG Mar 22 '18 at 06:46
-
in this [question here on SO](https://stackoverflow.com/questions/44976677/should-i-explicitly-send-the-refresh-token-to-get-a-new-access-token-jwt) is a link to Spring-boot example using refresh tokens. The answer also describes the general workflow with refresh tokens. Can't say much more, as I'm not using spring-boot. – jps Mar 22 '18 at 08:28