We generate the onboarding token to allow onboarding requests, but after onboarding has been completed, we probably want to delete the token because it will no longer be necessary.
We could do that immediately (currently supported in the Jetpack settings endpoint by providing the end parameter to the onboarding setting).
Another possible way is to clean the onboarding tokens automatically using a cron job (wp_schedule_event()).
Probably the best way to do it is upon successful Jetpack connection.
> Probably the best way to do it is upon successful Jetpack connection.
I agree. However, if we move Jetpack connection to an earlier step, this will cause all other steps to stop working, won't it? :slightly_frowning_face:
That's true 😞
Let's wait and see if we'll be moving the Jetpack Connection step to the beginning. If we decide to move it, we might have to implement something on the Jetpack side to delete the tokens after some period has passed after their last use. If we keep it at the end, we can probably do it in Calypso upon connection.
> However, if we move Jetpack connection to an earlier step, this will cause all other steps to stop working, won't it? :slightly_frowning_face:
One more idea -- can we make the onboarding endpoint simply work when connected, i.e. authenticated through a "regular" JPC token?
I like this idea, but it's separate from deleting the token, so opening a separate issue for it: #22578
A solution for this one has been suggested in #22763 and https://github.com/Automattic/jetpack/pull/8933.