Refresh token authorization flow Source/Target Powershell Systems
Rudolf Amersfoort
Now for a specific connector, the supplier (Loket) changes the lifetime of the refresh token, and a refresh token can only be used three times. Therefore, it is necessary to update the refresh token each time an access token is requested. This means that we must have a place to store and update the refresh token to maintain continuous authorization. We could use a local disk or a remotely accessible disk, but we prefer a built-in solution in HelloID to store the refresh token.
It must be possible to manually set the initial refresh token, and after each run, the refresh token should be updated.
R
Roel Everink
We have the same issue with the same supplier.
In this specific case the customer also doesn't have an agent server, as it is completely cloud based, so local storage isn't an option.
Maybe some kind of API call to update specific configuration fields?
R
Rick van den Dijssel
Great to hear your perspective, Rudolf Amersfoort! I have a few more questions for you:
- Can you provide more details on how you envision the manual setting of the initial refresh token?
- What are the security considerations we should keep in mind while implementing the storage and update of the refresh token?
- Could you clarify your preference for a built-in solution in HelloID? Are there specific features or functionalities you're looking for?
Rudolf Amersfoort
Rick van den Dijssel
1. I think you want a field where you can add the initial refresh token, and this field should have the ability to be updated from a PowerShell script to update the field with a new refresh token.
2. Currently, the refresh token is stored in HelloID as a configuration item. Therefore, I believe the same security considerations apply to this 'new version of this' field.
3. Perhaps it can be added to the current configuration file, with the capability to update the field.