Google Calendar API expiration time for refresh_token?


In my Node.js server I am using the '@google-cloud/local-auth' library to create events in a calendar. When I authenticate to Google Calendar, it returns a client with a refresh_token. What is the expiration time for this refresh_token?

  public async authorize(): Promise<any> {
    let authClient: any = await this.getSavedCredentialsIfExist();
    if (authClient) {
      return authClient;
    }

    authClient = await authenticate({
      scopes: ['https://www.googleapis.com/auth/calendar'],
      keyfilePath: CREDENTIALS_PATH
    });

    console.log('authClient', authClient);

    if (authClient?.credentials) {
      await this.saveCredentials(authClient.credentials.refresh_token);
    }
    return authClient;
  }

Returned Client details:

{
   "type":"authorized_user",
   "client_id":"***",
   "client_secret":"***",
   "refresh_token":"***"
}

I looked at Google Calendar API documentation and didn't find the answer.

Linda Lawton - DaImTo

Please see oauth2#expiration

Refresh tokens are designed to be long-lived and should not expire. For Google, though, there are a few ways they can expire.

  • The user has revoked your app's access.
  • The refresh token has not been used for six months.
  • The user changed passwords and the refresh token contains Gmail scopes.
  • The user account has exceeded a maximum number of granted (live) refresh tokens.
  • If an admin set any of the services requested in your app's scopes to Restricted (the error is admin_policy_enforced).
  • For Google Cloud Platform APIs - the session length set by the admin could have been exceeded.

A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days, unless the only OAuth scopes requested are a subset of name, email address, and user profile (through the userinfo.email, userinfo.profile, openid scopes, or their OpenID Connect equivalents).

Note on the last part: this is testing, not verification.
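
Because a stored refresh token can stop working for any of the reasons listed above, the cached-credentials path in the question's authorize() needs a fallback. The following is an added example, not code from the original posts or from '@google-cloud/local-auth'. It assumes a dead token is reported with the standard OAuth 2.0 `invalid_grant` error in a gaxios-style `err.response.data.error` field, and the injected helpers (`loadSaved`, `refresh`, `interactiveAuth`, `save`, `discard`) are hypothetical.

```javascript
// Added example. The injected helpers are hypothetical stand-ins, not library APIs.
// Constructed sample of a failed refresh (gaxios-style error shape, an assumption).
const SAMPLE_DEAD_TOKEN = { response: { data: { error: 'invalid_grant' } } };

// Read the OAuth error code from a failed token-endpoint call.
function oauthErrorCode(err) {
  return err?.response?.data?.error ?? err?.error ?? null;
}

// Decide what a failed refresh means for the stored refresh token.
function classifyRefreshFailure(err) {
  const code = oauthErrorCode(err);
  // RFC 6749 invalid_grant: token expired, revoked or otherwise unusable.
  if (code === 'invalid_grant') return 'reauthorize';
  // Error code named in the answer: an admin restricted a requested service.
  if (code === 'admin_policy_enforced') return 'blocked_by_admin';
  // Network faults, 5xx and the like say nothing about the token: keep it.
  return 'retry_later';
}

// Same flow as the question's authorize(), but the saved token is verified
// before it is trusted, and a dead one is discarded and replaced.
async function authorize({ loadSaved, refresh, interactiveAuth, save, discard }) {
  const saved = await loadSaved();
  if (saved) {
    try {
      await refresh(saved); // one round trip to the token endpoint
      return saved;
    } catch (err) {
      if (classifyRefreshFailure(err) !== 'reauthorize') throw err;
      await discard(); // do not keep an unusable secret on disk
    }
  }
  const client = await interactiveAuth(); // opens the consent flow again
  const token = client?.credentials?.refresh_token;
  if (token) await save(token); // persist only; never log the token itself
  return client;
}
```

Only `invalid_grant` triggers a new consent flow; any other failure is rethrown so a transient outage does not wipe a token that is still valid.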