Topic: Authenticating before every request? | XBRL US

Tagged: Authentication

This topic contains 1 reply, has 2 voices, and was last updated by David Tauriello 1 month, 2 weeks ago.

Author

Posts
Tuesday, October 30, 2018 at 10:13 AM #114364

Jim Truscott
Participant

If I just post an authentication request before every data request, saves me having to write a bunch of code the check whether the access token is still valid. Any problems with that?

Refresh token would save me having send to username and password again but I still have to submit a sensitive client secret so not sure what that gains me?
Thursday, November 1, 2018 at 5:15 PM #114898

David Tauriello
Keymaster

It would be best if you include code to check whether the token is valid instead of requesting a new token for each request – if you’ve got several calls and each requests a new token, you’ll bottleneck your returns and might impact others who are requesting resources.

Each token has a lifetime of an hour, after which you can use the refresh token to request a new access token.
Author

Posts

You must be logged in to reply to this topic.

Comment

You must be logged in to post a comment.

The national consortium for
the business reporting standard

XBRL US is a not-for-profit organization supporting the implementation of digital business reporting standards through the development of taxonomies for use by U.S. public and private sectors, with a goal of interoperability between sectors, and by promoting XBRL adoption through marketplace collaboration.

© 2007-2018 XBRL US, Inc. All rights reserved.
XBRL US Inc. 1455 Pennsylvania Avenue, NW 10th Floor · Washington, DC 20004 · ph: 202-448-1985 · fx: 866-516-6923