Skip to Content

Refresh token management automation

Advanced
20 min.
SAP Concur, Advanced, Tutorial
Uses timestamps and a json file to automatically manage refresh token expiration.
You will learn
  • How to manage refresh token expiration using timestamps and a json file
MarcBell-SAPMarc BellJuly 27, 2023
Created by
MarcBell-SAP
July 27, 2023
Contributors
MarcBell-SAP

Prerequisites

  • Step 1
    1. Go to the Company Request Token screen.
    2. Enter your App ID in the required field and click Submit to regenerate your company request token.
    3. Copy/paste the Company UUID and company request token fields to a text file.
      image
    4. Click OK after you have saved this information to a text file.
      image
  • Step 2
    1. Get the NodeJs sample code.
    2. Open SampleCode/Tutorial_2/RefreshTokenManagement.js in your IDE or text editor.
  • Step 3
    1. Type node RefreshTokenManagement.js in terminal to run the app to generate your credentials.json file. This generates messages in the terminal that show the credentials object.
      image

      image
    2. Fill in the empty fields in this file with the information in the credential object. You can use all of the information from your credentials.json file in the previous concur-get-refresh-token tutorial except for the company request token.
      image

    How do we manage refresh token expiration?

  • Step 4
    1. Run the app again. Since the app does not have a stored valid refresh token, the app will not find a valid refresh token in refreshTokenObjectFile.json.
      image

      image
    2. The app will call the Oauth2 /token endpoint using your credentials and regenerate your refresh token.
      image
    3. If the API call is successful, the refresh token data is converted from JSON format into a refresh token object and stored in the file refreshTokenObjectFile.json.
      image

      image
  • Step 5
    1. Run the app again. Since the app now has a valid refresh token, the app will successfully load and check the validity of the file refreshTokenObjectFile.json.
      image
    2. Check for a successful validity check on the refresh token object loaded from refreshTokenObjectFile.json. If the refresh token object validity check is successful, the refresh token object will be stored in the app for use with future API calls.
      image

      image
Back to Top
Back to top