Skip to main content
OAuth Refresh Token

Ensure uninterrupted API access with OAuth refresh tokens by automating new token generation before expiration. Set up easily in Torq.

Updated over 6 months ago

A refresh token can be used to get a new access token before the expiration occurs without the need for user interaction.

The OAuth Refresh Token integration maintains a valid access token by refreshing it periodically. Use the token in your workflows to avoid the failure of API calls due to token expiration.

When you receive an access token for OAuth authentication, it may have information about an expiration period and a refresh token attached to it.

{
    "access_token": "",
    "refresh_token": "",
    "token_type": "bearer",
    "expires_in": 3600
}

Create an OAuth Refresh Token Integration in Torq

  1. Go to Build > Integrations > Steps > OAuth Refresh Token and click Add.

    Create an OAuth refresh token integration in Torq.
  2. Type a meaningful name for the integration.

  3. Get the rest of the information from the third-party service.

    1. Client ID and Client Secret are the OAuth2.0 standard authentication details.

    2. Refresh URL is the endpoint used for generating and refreshing OAutho2.0 access tokens.

    3. Refresh Token is the refresh token returned when first creating your OAuth2.0 token.

This is the structure of the requests to refresh a token that are sent by the OAuth Refresh Token integration:

{ "refresh_token": "

",

"grant_type": "refresh_token" }

The client ID and client secret are passed in the headers via basic access authentication.

The integration can't be created for service providers that require a different format or additional data for the token refresh.

To use the access token maintained by the integration, use the following expression in the token input field of the steps in the workflow {{ $.integrations. .access_token }}. For example (replace oauth_refresh_token_integration_name with the name of the integration you created).

Selecting the refresh token expression for the token field.

Example: Create an OAuth Refresh Token Integration for Dropbox

This example shows how to create an OAuth Refresh Token integration to make sure you always have a viable Dropbox token you can use in Dropbox steps. The process to get the required information from a different service provider may vary. This example is meant to give you a sense of the actions you need to take.

  1. Click Create apps.

  2. Choose a type of access and give your app a meaningful name.

    Configure an OAuth integration in Dropbox
  3. Copy the app key and secret to use as the Client ID and Client Secret when you create the OAuth Refresh Token integration in Torq.

    image.png
  4. Go to the OAuth2 section and add https://127.0.0.1 as a Redirect URI.

    image.png
  5. Enter the following URL (replace with your App key) in your browser: https://www.dropbox.com/oauth2/authorize?client_id= &response_type_=_ code&redirect_uri=https://127.0.0.1&token_access_type=offline
    image.png

  6. Copy the code you got in the browser.

    image.png
  7. Run the following cURL command in a terminal. Replace < CODE FROM PREVIOUS STEP > with the code you just copied.

    1. You can use any API platform, such as Postman, to run this command. If you’re not using cURL, use application/x-www-form-urlencoded as the request content type.

    2. curl https://api.dropbox.com/oauth2/token \                                                                -d code= <CODE FROM PREVIOUS STEP>\                                                                         -d grant_type=authorization_code \                                                                           -d redirect_uri=https://127.0.0.1 \                                                                         -u :

  8. The output is a JSON object. Copy the refresh token to use when you create the integration in Torq.

    1. {     "access_token": "",     "token_type": "bearer",     "expires_in": 14399,     "refresh_token": "",     "scope": "account_info.read",     "uid": "*",     "account_id": "" }
  9. Get the refresh URL from the Dropbox OAuth documentation.

  10. Create an OAuth Refresh Token integration in Torq. If your integration is created successfully, it means the first token refresh was successful, and the token will be refreshed periodically behind the scenes.

  11. To use the repeatedly refreshed token provided by the OAuth Refresh Token integration you created in Dropbox steps, add a Dropbox step to the designer and Switch to HTTP mode.

    image.png
  12. Enter {{ $.integrations..access_token }} in the TOKEN field. Replace with the name of the OAuth Refresh Token integration you created in Torq.

    image.png

Did this answer your question?