How to use apptoken-refresh API

 

Password expiration is a well-known security policy implemented by many enterprises and is considered a best practice in the security realm. It is implemented through mandatory password changes, with recurrence governed by a validity time. Once the validity time expires, a new password or access token is re-generated. All users must then refresh to the new credential to be able to access the service.

 

Syniverse SDC provides the UI to set up SCG API access token expiration and to re-generate the token. Additionally, it provides an API to programmatically refresh an expired SCG token on the consumer process side. These functionalities allow access token expiration policies to be implemented in enterprise applications.

 

This document provides an access token expiration policy implementation description along with examples of Syniverse API calls using cURL commands to refresh the credentials on the consumer process side.

 

Defining the access token expiration policy

When a new SDC application is created, the default access token configuration is a non-expiring token, meaning that the access token never expires. In this case the only way to re-generate the access token is the Re-generate button provided in the UI.

 

However, the UI also provides a Token Expiration field to set a validity time for the new access token. When a token expiration value is set before re-generating the token, the new token is created along with its expiration setting.

 

Refreshing credentials

After the access token is re-generated with a token expiration time, the users or processes should refresh the credentials (access token) they actively use for the SCG API calls. If their current credential expires, an API call should be executed using additional credentials to get the new access token.

 

Example: 60-second access token expiration

In this example, we implement a 60-second access token validity time.

Defining the aging access token in SDC:

Log in to SDC and click the SDC application for token setup:


 

Click the options icon and select edit:


 

Click on Auth Keys:


 

Here we set the token expiration to 60 seconds and re-generate:


 

The new access token setup is now active:


 

 

Consumer process token refresh

With the new token setting, the access token will expire in the next 60 seconds. After that period a new token must be obtained at the consumer process.

For this token refresh operation, the SDC application credentials are required: Consumer Key and Consumer Secret. The refresh can be implemented by getting the current access token with the API call below:

 

curl --location 'https://api.syniverse.com/apptoken-refresh?consumerkey={yourKey}&consumersecret={yourSecret}&oldtoken=XXXX&validity=60' \
--header 'Cookie: yourcookiename=yourcookievalue1234567abc'

Response:
{
    "accessToken": "{yourNewToken}",
    "validityTime": 60
}

 

 

First time apptoken-refresh API call

The first time a process calls apptoken-refresh, it can execute the API call with oldtoken=0 to get the current valid token.
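
As an added example (not Syniverse's own code), the Python sketch below wraps the apptoken-refresh call from the cURL command above in a consumer-side cache: it sends oldtoken=0 on the first call, the cached token afterwards, and refreshes a few seconds before expiry. The names TokenCache, http_get_json, margin, fetch and clock are hypothetical; it assumes validityTime counts seconds from the moment the response arrives, and it does not send the Cookie header shown in the cURL example.

```python
import json
import time
import urllib.parse
import urllib.request

REFRESH_URL = "https://api.syniverse.com/apptoken-refresh"  # endpoint from the article


def http_get_json(url):
    """Default transport: GET the URL and decode the JSON body."""
    with urllib.request.urlopen(url, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Hypothetical consumer-side cache for the SCG access token."""

    def __init__(self, key, secret, validity=60, margin=5,
                 fetch=http_get_json, clock=time.monotonic):
        self._key, self._secret = key, secret
        self._validity, self._margin = validity, margin
        self._fetch, self._clock = fetch, clock
        self._token = None      # nothing cached: first call sends oldtoken=0
        self._expires_at = 0.0

    def refresh(self):
        """Call apptoken-refresh and store the token it returns."""
        query = urllib.parse.urlencode({
            "consumerkey": self._key,
            "consumersecret": self._secret,
            "oldtoken": self._token or "0",
            "validity": self._validity,
        })
        body = self._fetch(f"{REFRESH_URL}?{query}")
        token = body.get("accessToken")
        if not token:
            # Do not put the URL in the error: it carries the consumer secret.
            raise RuntimeError("apptoken-refresh returned no accessToken")
        # Assumption: validityTime counts seconds from when this response arrives.
        lifetime = float(body.get("validityTime", self._validity))
        self._token, self._expires_at = token, self._clock() + lifetime
        return token

    def get(self):
        """Return the cached token, refreshing if missing or within the margin."""
        if self._token is None or self._clock() >= self._expires_at - self._margin:
            return self.refresh()
        return self._token
```

Call refresh() directly when an SCG request is rejected for an expired token, since the token can also be re-generated from the SDC UI at any time.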

 


 

 

 

 

 
