Missing refresh_token from oauth/token API about vets-api-clients HOT 7 CLOSED

Hi @cassiopeiaym. I'm sorry you're having trouble with this. Luckily the fix should be easy. In order to receive a refresh token, you need to request access to the offline_access scope. That's missing from our current documentation. I don't have a great explanation why that's missing but I'm fixing it today. Thanks for helping us find that mistake!

from vets-api-clients.

@dvogel
Thank you for your guide about this.

Unfortunately, I've still not received the keyvalue for 'refresh_token' and 'expires_in' :(
I requsted the scope for these :

openid profile email offline_access launch/patient patient/Patient.read patient/AllergyIntolerance.read patient/Condition.read patient/DiagnosticReport.read patient/Immunization.read patient/Medication.read patient/MedicationOrder.read patient/MedicationStatement.read patient/Observation.read patient/Procedure.read veteran_status.read

Most of the scopes I knew were requested.

also, additionally I attached the scope for 'offline_access' you said.
But I couldn't catch the refresh_token and expires_in ~

I can't handle the data about refresh_token at all.

Please check your authoriztion code flow and let me know to get ' refresh_token'.

from vets-api-clients.

Hi @cassiopeiaym. There was an additional issue I had to fix with the configuration of your application on our end. Could you try once more?

from vets-api-clients.

@dvogel
Hi ~ finally I got the refresh_token. Thank you so moch for your help
Of course, I would like you to send me the value of result for expires_in like as your documents, but I will proceed with offline_access mode with refresh_token and access_token.

from vets-api-clients.

I'm glad you were able to get the refresh_token. That same payload should have an expires_at field. I think there was a typo in the documentation that showed the token payload having an expires_in field. We've fixed that in the most recent documentation updates. Please make sure you refresh to receive the most recent documentation. To quickly confirm what you should see:

from vets-api-clients.

@dvogel
Thank you for everything. 👍

I have requested the API for get a new 'refesh_token' now. (grant_type=refresh_token)
and received the same format as when got the access_token payload.

I can calculate the 'expires_in' from decoded 'access_token' data.
Everythins is okay.

But I have a question about the refresh_token.
I think this refresh_token has not the JWT token format.
Can I know when the 'refresh_toekn' expires ? or Please Tell me how I can find it .

from vets-api-clients.

@cassiopeiaym refresh tokens never expire. We have the ability to revoke them in the event of a security incident but in your development you can assume they are valid.

from vets-api-clients.