Pardon me if this I’m asking the wrong questions, but with API access tokens only lasting 24 hours, how am I supposed to refresh the tokens once the expire?
Here’s a little bit of reference. I’m building a Discord Bot using Python and storing access_tokens in a MySQL database. Users will be able to utilize a command that will generate a user-specific URL to connect to the blizzard servers and return an access_token that is then tied to their Discord User ID. This access token is used to query information about the user’s WoW characters and gather some information that can then be used in the Discord bot to notify the Discord when the user does certain things in the game, that are accessible via the WoW API endpoints.
However this token is only good for 24 hours and will eventually expire which leads me to wonder, how can I refresh the token without prompting each user to log in every single day???
Typically OAuth token responses have the following:
{
access_token:
expiry:
…
refresh_token:
}
This refresh token is send to the same oauth/token
URL with the URL parameter of ?grant_type=refresh_token
, but the Blizzard OAuth API says this is an invalid grant type.
What can I do to avoid prompting users to log in every 24 hours to refresh their own access tokens?