GitHub OAuth Requires Re-Authentication too frequently

  1. My goal: I'd love to find a way to have authentication via a GitHub OAuth app last longer than 60 minutes. Right now you have to re-authenticate from Retool -> GitHub hourly which is quite dispruptive. This is what we see:

  1. Issue: I set up a new GitHub OAuth App in our Github organization and connected it to Retool using the standard OAuth App flow.
  2. Steps I've taken to troubleshoot:
  • I tried looking for ways to customize session duration in Retool and GitHub but found nothing
  • I did notice that when I look into the Token status in Retool, there is a status for Refresh Token but that this is currently blank. That would make sense why the App has to be re-linked, but I don't see any way to provide a refresh token?
  1. Additional info: (Cloud or Self-hosted, Screenshots): Cloud

Hi @David_Meadows,

I believe you may need to check expiration for access token from Github side. I did a quick search and it seems that there are two types of tokens Github will issue, one type has no expiration time and the other is a 'fine-grained' token which will have settings for an expiration time.

Retool will continue to use the token until the response from Github is an error response with a type of 'expired token' which causes the prompting to auth back in as shown in your first screenshot.

Github does not have refresh tokens, unfortunately. But in other cases such as with Okta there would be an option to toggle on refresh tokens and then Retool will automatically thread that into the 'Refresh token' with an active status that would be visible.