Api: OAuth without client interaction

Can’t you just store refresh token after first login? You’ll be good for a long time then. Thats what I run on my private stuff.

On 21 Jul 2019, at 16:41, Dylan Strohschein notifications@github.com wrote:

I was wondering if there was any way to authenticate without having interaction. I already have my username and password and I am the only one using my application and do not want to have to login every time. It would be great if I could set it in the background!

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

How long is the refresh token good for?

90 days if I remember correctly. And correct me if I'm wrong but when you
refresh it, you get a new one that is valid for 90 new days (and you can do
it only with rest call, no user interaction required). So technically,
except if you don't start your app for a quarter of a year, you're set
forever.

On Sun., Jul. 21, 2019, 3:47 p.m. Dylan Strohschein, <
[email protected]> wrote:

How long is the refresh token good for?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/Bungie-net/api/issues/984?email_source=notifications&email_token=AC6LESXMF6UFQYS66WDAF23QAS4MBA5CNFSM4IFSWU62YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2OKJZI#issuecomment-513582309,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AC6LESS2SLSXTWTNRGOLGZDQAS4MBANCNFSM4IFSWU6Q
.

The authorization lasts for one year as long as you grab a new refresh token before the old one expires (90 days). The OAuth token response includes the parameter refresh_expires_in which is the number of seconds the refresh token is valid.