Solved: Re: Access token expiration time

Caméléon · 03-07-2023 07:41 AM

How can I have longer expiration times for the google cloud APIs or avoid re-authenticating every day or so. It's very frustrating and I would like to find a solution. I'm using multiple google cloud APIs such as analytics, tag manager, my business. All oauth2 authenticated.

imtaher

To extend the expiration time of your Google Cloud APIs' authentication tokens or avoid re-authenticating every day, you can follow these steps:

Use a Service Account: Instead of using your own user account to authenticate, create a service account for your application to access the APIs. Service accounts are specifically designed for server-to-server interactions and don't require frequent re-authentication.
Use Refresh Tokens: When you authenticate with OAuth2, you can request a refresh token in addition to an access token. The refresh token can be used to obtain a new access token when the current one expires, which can extend the expiration time of your authentication.
Set a Longer Expiration Time: By default, Google Cloud API tokens expire after 1 hour. However, you can request a longer expiration time of up to 12 hours by specifying the "expires_in" parameter when you authenticate.
Use Google's Client Libraries: Google's official client libraries (such as the Google Cloud Client Libraries) handle authentication and token refreshing automatically, which can simplify the authentication process and prevent frequent re-authentication.
Use Persistent Storage: To avoid re-authenticating every time your application runs, you can store the access and refresh tokens in a persistent storage such as a database or file system. When your application starts, it can read the tokens from storage and use them to authenticate.

I hope these suggestions help you to extend the expiration time of your Google Cloud APIs' authentication tokens or avoid re-authenticating every day.

If you need more help than you can contact me on Kiask.xyz.

View solution in original post

imtaher

To extend the expiration time of your Google Cloud APIs' authentication tokens or avoid re-authenticating every day, you can follow these steps:

Use a Service Account: Instead of using your own user account to authenticate, create a service account for your application to access the APIs. Service accounts are specifically designed for server-to-server interactions and don't require frequent re-authentication.
Use Refresh Tokens: When you authenticate with OAuth2, you can request a refresh token in addition to an access token. The refresh token can be used to obtain a new access token when the current one expires, which can extend the expiration time of your authentication.
Set a Longer Expiration Time: By default, Google Cloud API tokens expire after 1 hour. However, you can request a longer expiration time of up to 12 hours by specifying the "expires_in" parameter when you authenticate.
Use Google's Client Libraries: Google's official client libraries (such as the Google Cloud Client Libraries) handle authentication and token refreshing automatically, which can simplify the authentication process and prevent frequent re-authentication.
Use Persistent Storage: To avoid re-authenticating every time your application runs, you can store the access and refresh tokens in a persistent storage such as a database or file system. When your application starts, it can read the tokens from storage and use them to authenticate.

I hope these suggestions help you to extend the expiration time of your Google Cloud APIs' authentication tokens or avoid re-authenticating every day.

If you need more help than you can contact me on Kiask.xyz.

Shamsvip

Ok

varad_mundra

How do I set the less expiration time using PHP

rashid4844

How can we set expire_in time for edge management access token API?

tconfrey

Hi Following up to this answer and referencing the documentation here: https://developers.google.com/identity/oauth2/web/reference/js-reference#google.accounts.oauth2.init... . I don't see "expires_in" listed as an accepted parameter in the requestAccessToken call. I tried setting it anyway but the token still comes back with "expires_in" set to 3599.

Can you point to any documentation or reference defining how to extend the expires_in time span? Thanks.

AIFRO

If you want a specific app, you can also go to https://admin.google.com/ac/security/reauth/admin-tools and for "Require reauthentication" select "Exempt Trusted apps"... and then go to https://admin.google.com/ac/owl/list?tab=apps and configure your app to be trusted. You may need to add additional scopes which you can chat with AI to find if needed. You can also add your own app you have running on firebase to this list of apps to be trusted.