question

pritesh25 avatar image
pritesh25 asked pritesh25 answered

Refresh Access Token with SDK and API

I read the document here which states that

1. Frontend apps that use OAuth to authenticate users to their own apps often don’t need a refresh token.

2. Some apps only need the access token to verify that the user successfully authenticated with Clover, and then use that token to get details from the API.

Based on the above points do I need to implement a refresh access token only while making an API call? or while making an operation with Clover SDK? or both?


I'm asking this question Because I have an

1. e-commerce website that uses Clover API

2. android app with Clover SDK and Clover API

Clover Android SDKclover developer communityAPI Token
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
wm1 avatar image
wm1 answered wm1 edited

I'd like to second this as there's no clear explanation on how to deal with tokens received from SDK vs tokens received from OATH flow.

We have 2 ways to authorize a merchant:

1. Merchant installs the app on Clover
> In this case we get an auth token from SDK call Authenticate -> AuthResult -> authToken and we then use this token in REST API requests from our backend (Authorization: Bearer header)


2. Merchant logs into our control panel and starts OAUTH2 flow for Clover
> In this case we can get auth token OR auth+refresh token


Questions:

1. Can we continue using authToken received from the SDK in REST API requests?

2. If not, do we "migrate" SDK authToken as a "legacy" token described here: https://docs.clover.com/docs/legacy-token-migration-flow . According to this guide, the token is invalidated in the process. Since we cache the token in the app, it sounds like we'll need to re-auth via SDK?

3. If a merchant follows OAUTH and we get auth+refresh token, does it invalidate SDK auth token?

10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

pritesh25 avatar image
pritesh25 answered

Below is reply from clover, happy coding!

clover.png




clover.png (72.1 KiB)
10 |2000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community