Make SDK - Connection - Refresh Token - How to handle

How can I develop an App using Make Apps SDK (integromat.com) that:

  1. Set a token (used in Header) and the expiration date
  2. After reaches the expiration date, it gets a new token and set the new expiration

I tried this example for the Communication (api.imljson)

{
    
    "token": {
        "url": "https://example.com/credential/generate_token",
        "method": "POST",
        "body": {
            "email": "example@example.com.br",
            "publickey": "example-public-key",
            "apikey": "example-public-key"
        },
        "type": "urlencoded",
        "response": {
            "data": {
                "expires": "{{ parseDate(body.data.token_valid_until, 'YYYY-MM-DD HH:mm:ss', environment.timezone) }}",
                "token": "{{body.data.token}}"
            }
        },
        "log": {
            /**
            "sanitize": [
                "request.body.email",
                "request.body.publickey",
                "response.body.token"
            ]
             */
        }
    },
    "refresh": {
        "condition": "{{data.expires < addMinutes(now, 1)}}",
        "url": "https://example/credential/generate_token",
        "method": "POST",
        "body": {
            "email": "example@example.com.br",
            "publickey": "example-public-key",
            "apikey": "example-public-key"
        },
        "type": "urlencoded",
        "response": {
            "data": {
                "expires": "{{ parseDate(body.data.token_valid_until, environment.timezone) }}",
                "token": "{{body.data.token}}"
            }
        },
        "log": {
            /**
            "sanitize": [
                "request.body.email",
                "request.body.publickey",
                "response.body.token"
            ]
             */
        }
    }
}

The response from POST https://example.com/credential/generate_token is:

{
    "success": true,
    "data": {
        "token": "eyJhbGciOiJIUzI1NiIsInR55uZWN0dGhpbmsuY29tLmJyIn19.jOKS0mrcg6w+A7L//YdU=",
        "token_valid_until": "2022-08-24 20:54:18"
    },
    "profile": {
        "start": 1661381657.959692,
        "finish": 1661381658.055,
        "process": 0.09530806541442871
    }
}

Hi @AndyDaSilva52 ,
can you explain a bit more what are you trying to achieve? If you want to quickly validate your idea, you can try an already working solution. There is an Auth0 integration in Make, you can try the refresh token renewal with Auth0 > Make an API call. You can learn more about refresh tokens here: Refresh Tokens

1 Like
  1. Iā€™m trying to develop an app using the SDK like I said in the begining:

  2. This specific API work with a token that is get from for example:

    POST https://example/credential/generate_token
    with 3 parameters in the request body encoded (email, publickey, apikey)

  3. One example of response is:

    {
        "success": true,
        "data": {
            "token": "eyJhbGciOiJIUzI1NiIsInR55uZWN0dGhpbmsuY29tLmJyIn19.jOKS0mrcg6w+A7L//YdU=",
            "token_valid_until": "2022-08-24 20:54:18"
        },
        "profile": {
            "start": 1661381657.959692,
            "finish": 1661381658.055,
            "process": 0.09530806541442871
        }
    }
    
  4. So, after the time in the property data.token_valid_until had passed I have to get a new token using the same

    POST https://example/credential/generate_token

This token I will use in the headers in all endpoints of this API.

What I need is similar with the OAuth2.0 explained in the docs from the SDK:

The link you shared it seems to have the concept I need, but my question is how to implement this using the Make SDK. Do you know what I missing?

To achieve what you want you need a refresh token in addition to the access token. When your access token expires, it can only be renewed using the refresh token. So, your API would have to support two actions:

  1. generate a fresh pair of access + refresh tokens
  2. generate a new access token by using the saved refresh token

I am not sure if this is supported by the Make SDK - the documentation explicitly mentions a manual renewal:

When the expires period is overdue, the connection needs to be reauthorized manually