Multiple OAuth tokens

IvanDemkovitch · ‎10-21-2014

We are using ArcGis for Developers and have our application ID/Secret.

We call REST API to get OAuth token, works great. To minimazie chat - we request token for max amount of time (14 days).

Then we structure code in a way that our app calls needed API (if OAuth token cached locally) and if we get error response - we code in such a way that we will refresh OAuth token and retry when needed.

Questions:

1. Is there a definite response/error/code/etc on all REST API endpoints which we can check to see if token we passed was expired?

2. Our application might be used by multiple customers. They all will be requesting OAuth tokens. Does ESRI server keep multiple tokens associated with our account or most recent one replaces old one?

Obviously, because of how we do it - it would be ideal if multiple tokens were possible.

Thank you!

HeikoHeijenga · ‎12-08-2014

1. When you generate a token you also know when it will expire. Can't you store the time the token will expire and request a new one when it's about to expire?

2. Each time you request a token a new unique one will be generated. Each token has it's own expiration time, so yes you can have multiple tokens.