A refresh token can be used to get a new access token before the expiration occurs without the need for user interaction.
The OAuth Refresh Token integration maintains a valid access token by refreshing it periodically. Use the token in your workflows to avoid the failure of API calls due to token expiration.
When you receive an access token for OAuth authentication, it may have information about an expiration period and a refresh token attached to it.
{ "access_token": "", "refresh_token": "", "token_type": "bearer", "expires_in": 3600 }
Create an OAuth Refresh Token Integration in Torq
Go to Build > Integrations > Steps > OAuth Refresh Token and click Add.
Type a meaningful name for the integration.
Get the rest of the information from the third-party service.
Client ID and Client Secret are the OAuth2.0 standard authentication details.
Refresh URL is the endpoint used for generating and refreshing OAutho2.0 access tokens.
Refresh Token is the refresh token returned when first creating your OAuth2.0 token.
This is the structure of the requests to refresh a token that are sent by the OAuth Refresh Token integration:
{ "refresh_token": "
",
"grant_type": "refresh_token" }
The client ID and client secret are passed in the headers via basic access authentication.
The integration can't be created for service providers that require a different format or additional data for the token refresh.
To use the access token maintained by the integration, use the following expression in the token input field of the steps in the workflow {{ $.integrations. .access_token }}
. For example (replace oauth_refresh_token_integration_name
with the name of the integration you created).
Example: Create an OAuth Refresh Token Integration for Dropbox
This example shows how to create an OAuth Refresh Token integration to make sure you always have a viable Dropbox token you can use in Dropbox steps. The process to get the required information from a different service provider may vary. This example is meant to give you a sense of the actions you need to take.
Log in to your Dropbox developer account.
Click Create apps.
Choose a type of access and give your app a meaningful name.
Copy the app key and secret to use as the Client ID and Client Secret when you create the OAuth Refresh Token integration in Torq.
Go to the OAuth2 section and add https://127.0.0.1 as a Redirect URI.
Enter the following URL (replace with your App key) in your browser: https://www.dropbox.com/oauth2/authorize?client_id= &response_type_=_ code&redirect_uri=https://127.0.0.1&token_access_type=offline
image.pngCopy the code you got in the browser.
Run the following cURL command in a terminal. Replace
< CODE FROM PREVIOUS STEP >
with the code you just copied.You can use any API platform, such as Postman, to run this command. If you’re not using cURL, use
application/x-www-form-urlencoded
as the request content type.curl https://api.dropbox.com/oauth2/token \ -d code= <CODE FROM PREVIOUS STEP>\ -d grant_type=authorization_code \ -d redirect_uri=https://127.0.0.1 \ -u :
The output is a JSON object. Copy the refresh token to use when you create the integration in Torq.
{ "access_token": "", "token_type": "bearer", "expires_in": 14399, "refresh_token": "", "scope": "account_info.read", "uid": "*", "account_id": "" }
Get the refresh URL from the Dropbox OAuth documentation.
Create an OAuth Refresh Token integration in Torq. If your integration is created successfully, it means the first token refresh was successful, and the token will be refreshed periodically behind the scenes.
To use the repeatedly refreshed token provided by the OAuth Refresh Token integration you created in Dropbox steps, add a Dropbox step to the designer and Switch to HTTP mode.
Enter
{{ $.integrations..access_token }}
in the TOKEN field. Replace with the name of the OAuth Refresh Token integration you created in Torq.