We currently have two API tokens that are required to connect with the different data sources we use. We have the refresh auth set to a time-based expiration for both of them, and have enabled the setting for the custom auth workflow to run without prompting the user.
What we are running into is that when the token expires, we have to click the icon next to our profile to trigger the re-auth workflow. And then only one of them runs automatically, we have to click the re-auth button for the second one to run.
Is there a way to set up this re-auth trigger to just run automatically after a user logs in without needing any prompting, or for our internal user to have to click the icon? Or even to set it up so that both refresh triggers will run once the re-auth icon is clicked (instead of just one running automatically, and either having to close and re-open the auth flow or click on the re-auth button)?
Unfortunately, based on the behavior you're describing, the re-auth trigger is not fully automated across multiple tokens. One possible approach is to ensure both auth workflows are configured to auto-run without user interaction upon session login.
Are you able to share screenshots of the auth configuration and the refresh steps?
It should be possible to set up the behavior you are looking for but has @MargarettSanford it sounds like there may be a missing steps that needs to be completed to have the auto refresh trigger once the token expires.
I believe that in some cases the token used to auth into the app can be used for authenticating resources but in some cases there needs to be at least once auth process to get a usable token for the resource which will be a different token from the once gained when a user first logs in.
Just wanted to double check on if you could share more details or some screen shots on the auth flows for the resources that you currently have set up so I can better help troubleshoot!
I was able to get the authentication to start kicking off semi-automatically. If there is a way to auto-run that on a schedule it would be amazing, but I suspect that is likely out of scope because different systems will have different refresh rates for API tokens so that would likely not have a positive impact for all customers. As it stands now, once I or someone on my team tries to do something that requires the API to re-authorize we see the exclamation point/triangle icon next to our names and click it, and the dialogue box shows up and we see the re-auth happening. So I think that is sufficient for now.
It would be great if there was a way to simply kick off that authentication in the background so that from my team's perspective it just feels like the query is taking slightly longer than usual. If you can suggest anything that I can do with event handlers to make that happen I'm all ears.
One option for the functionality you are describing would be to set up the "Refresh auth workflow" which would involve users only having to click through the auth flow of a resource once.
With the resource automatically catching any non-200 responses (signaling the current auth tokens have expired) and using a refresh token that was provided by the API to re-engage the API to say "Hey I was just authenticated and here is my proof, can I get new tokens".