Solved

Question on rest token management

  • 15 April 2022
  • 6 replies
  • 649 views

Userlevel 5
Badge +16

Is there a way to “Refresh” a token once it has expired?

 

The default time a token lasts is 30 minutes, you can change that but is it possible to simply refresh a token that is expiring?

 

Really just a yes or no question.

 

Thanks.

icon

Best answer by Stuart Painter 19 April 2022, 07:57

View original

If you have a question or comment, please create a topic

6 replies

Userlevel 7
Badge +15

Hi @christopherlecky 

A REST API token will expire after 30 minutes of no activity.

So, if you continue to execute API calls, the token will remain valid.

Rather than request a refresh, you can always simply request a new token, which will allow the subsequent API calls to execute.

 

If this doesn’t help, maybe you can provide some extra context for the task you’re looking to perform and we can think on some strategies to help.

Thanks,

Stuart

Userlevel 5
Badge +16

Hi @christopherlecky 

A REST API token will expire after 30 minutes of no activity.

So, if you continue to execute API calls, the token will remain valid.

Rather than request a refresh, you can always simply request a new token, which will allow the subsequent API calls to execute.

 

If this doesn’t help, maybe you can provide some extra context for the task you’re looking to perform and we can think on some strategies to help.

Thanks,

Stuart

Thank you Stuart,

I wrote a powershell class that stores the token within the class instance. subsequent rest calls use the embedded token that is created when the class is instantiated. 

 

The way the class is currently written it takes a pscredential object when instantiated.

The pscredential object is not saved in the class. 

That means that if I want to be able to refresh the token I could just add a method to refresh the token. 

Otherwise I need to rewrite the class to save the pscredential object so that I can reauthenticate.

The alternatives are to set a really high token lifetime, or to track time between requests.

I have seen some rest implementations that allow a token refresh for previously valid tokens.

That’s why I asked.

 

 

 

Userlevel 7
Badge +15

Hi @christopherlecky 

I don’t think there’s a specific method to refresh the token.

Let’s assume know a token is expired due to the timeout period exceeded, sending an authentication request would effectively give you a new token.

You could set a long timeout period and continue to use that token for the duration.

Or, you could monitor for response codes and do some error handling on:

401

Unauthorized

The request did not include an authentication token or the authentication token was expired.

 

If you receive a response for unauthorized (assume token expired), then perform a re-auth and replace the token.

Maybe a balanced approach with a reasonable duration token and some handling on the expired token status?

Thanks,

Stuart

Userlevel 5
Badge +16

Hi @christopherlecky 

I don’t think there’s a specific method to refresh the token.

Let’s assume know a token is expired due to the timeout period exceeded, sending an authentication request would effectively give you a new token.

You could set a long timeout period and continue to use that token for the duration.

Or, you could monitor for response codes and do some error handling on:

401

Unauthorized

The request did not include an authentication token or the authentication token was expired.

 

If you receive a response for unauthorized (assume token expired), then perform a re-auth and replace the token.

Maybe a balanced approach with a reasonable duration token and some handling on the expired token status?

Thanks,

Stuart

Understood.

Having the token refresh would have been working on easy mode so I was just hoping it was an option.

 

Thanks.

Userlevel 7
Badge +15

Hi @christopherlecky 

I did a quick follow up with Development just to be sure I wasn’t missing anything.

Development have provided this API, which might be just what you’re looking for:

https://api.commvault.com/#fd997305-1eaa-493c-b5bf-bf0416fc44bc

 

POST RenewLoginToken

http://WebConsoleHostName/webconsole/api/RenewLoginToken

This operation renews and returns a new session token by providing the expired token

Request Body

Name Description
sessionId Authtoken which needs to be renewed
deviceId Device name from where login API was called.
Note: Same deviceId must be passed in POST /Login API during login

 

HEADERS

Accept: application/json

Content-Type: application/json

BODY raw

{
"sessionId": "{{ExpiredTOKEN}}",
"deviceId": "{{LoggedInDeviceName}}"
}

 

Apologies if we’ve gone around the houses to get here.

Thanks,

Stuart

Userlevel 5
Badge +16

GENIUS!!!

Thank you. 

This will save me a ton of time.

 

Thanks, Again.