Page 1 of 1

API disconnects approx. 7 days after login

Posted: Mon Oct 14, 2019 7:38 am
by ETonchev
Our website allows our clients to log into their Bullhorn account through our "Marketplace" after which we store the tokens we receive in our database. These tokens are used frequently during the day, performing read/write operations, meaning they are also refreshed quite often and no problems arise during that process.

An issue however that we currently have is that approximately a week after our client logs into their account, when a request is made to refresh the token we get:
"error" : "invalid_grant",
"error_description" : "Invalid, expired, or revoked refresh token."

From that point onward the client's tokens cannot be used anymore. What this means for us is that once a client logs in their Bullhorn they get essentially disconnected after a week. What could be the cause of this?

We are located in the UK and refresh our tokens by using: ... ecret=XXXX

Re: API disconnects approx. 7 days after login

Posted: Fri Oct 18, 2019 3:41 pm
by pmularski
Greetings Etonchev,

It is definitely not best practice to tie a login to a given API token. Those tokens are not permanent, and doing so will result in the scenario you are experiencing.

If possible, the token should be generated after login is validated. With that said, you may receive more practical coding advice from other users on this channel.