I can authenticate and fetch an access_token and the corresponding refresh_token fine (subsequent API interactions are also fine).
However, I seem to only be able to refresh a token (POST
to /oauth/token
with grant_type=refresh_token
) before the access_token
actually expires. After the expiration, the same refresh code (exactly that provided within the docs), returns with an error of invalid_grant
.
I am using the soundcloud-ruby SDK, FWIW, but I can reproduce it through curl.
As an aside, I found some old messages from the Google Group mentioning that I can request a non-expiring token, but I do not see this mentioned anywhere in the docs. Is this still a viable option?
That is correct. Refresh tokens cannot be used after an access token expires.
You can request a non-expiring access token by specifying scope=non-expiring
when constructing an authorization URL. To do this with the Ruby SDK, simply pass the additional params to the authorize_url
method:
require 'soundcloud'
client = Soundcloud.new(
:client_id => 'YOUR_CLIENT_ID',
:client_secret => 'YOUR_CLIENT_SECRET',
:redirect_uri => 'REDIRECT_URI'
)
client.authorize_url(:scope => 'non-expiring')
The rest of the flow should be exactly the same (grab the 'code' parameter from the query string and make a POST
request to /oauth2/token
).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With