Upcoming database upgrades. to improve our reliability at 03:30 UTC on Feb. 25 / 7:30pm PT on Feb. 24. Some users may briefly experience slow load times or error messages. Learn more here

How often should I refresh Oauth Refresh / Access Token?

Topic Labels: API
145 1
Showing results for 
Search instead for 
Did you mean: 

Hi, my app Finta is using the new Oauth authentication. Right now, my method is that for every request, check to see if the access token has expired or will expire within the next 10 minutes. If so, request a new access token and then proceed. I'm running into an issue where my app attempts to refresh the user's access token potentially multiple times at the same time. For example, my user might request to see their Airtable bases on the frontend at the same time that a function on the backend performs an action that requires using the user's credentials.

Unfortunately, Airtable revoke's a user's refresh token if it's used more than once 😞

How are other people solving for this? My initial thought is to just create a cron job that runs every 10 minutes that checks to see if any access tokens are expiring soon. If so, refresh. That way, my main application functions won't collide. 

1 Reply 1
9 - Sun
9 - Sun

Hi! Access tokens are valid for 60 minutes, so no need to check every 10 minutes. I'm strictly comparing my stored access token to those 60 minutes and will refresh the token if currentTime > 60 minutes since the token has been issued.

W.r.t. refresh tokens: You just have to make sure to also store the new refresh token which you'll also get back from while refreshing the access token. That way, you never use the same token twice.

Hope that helps!