After some period of time, an access token expires. This topic describes how to update it.
There are two possible ways to update an access token: use refresh token or repeat the process of getting an access token via the consent screen.
When an authorization server issues an access token, it may also issue a refresh token. ReadyAPI stores the refresh token in the project file, so when the access token expires, ReadyAPI can send it to the authorization server to get a new access token.
Important
Currently, you cannot get a refresh token from Google, as ReadyAPI does not support sending the access_type and prompt parameters required for that.
In case a refresh token was not issued or it expires, you need to repeat the process of getting an access token. It means you get an access token in the same way you get it in the first time, by using one of the OAuth 2.0 grant types.
Tip: ReadyAPI allows you to simulate the needed actions, so it will be able to get a new access token in unattended mode. To learn more, see Automation Script.
The process of updating an access token in ReadyAPI depends on several aspects:
Whether the Refresh Access Token option is set to Automatic or Manual.
Whether there is a valid refresh token.
Whether the automation script is configured.
Refresh Access Token | ||
Automatic | Manual | |
Refresh token exist | ReadyAPI automatically updates the access token using the refresh token. | You need to click Refresh to update the access token using the refresh token. |
There is no valid refresh token | ReadyAPI opens the consent screen. You need to repeat the process of getting an access token. | You need to open the Get Access Token and repeat the process of getting an access token. |
In both cases, if there is a configured automation script, ReadyAPI uses it to simulate interaction with the consent screen. | ||
Below, we describe each of these scenarios in detail.
There are two possible ways to trigger the process of the access token update:
In Automatic mode - ReadyAPI starts the process once the access token expires. This is the default behavior.
In Manual mode - you need to start the process manually.
Click Advanced when selecting the OAuth 2.0 profile in the Auth manager or in the Auth panel.
Set the needed mode in the Refresh Access Token option:
If there is a refresh token, ReadyAPI simply uses it to get a new access token. It happens in the background when you send a request with the expired access token.
If there is no refresh token, or if it is expired, ReadyAPI shows the login and consent screens. In case you configured the automation script, ReadyAPI runs it to simulate the needed actions. Otherwise, you need to manually go through the login and consent screens to get an access token.
Note
Do not confuse the Automatic mode of the Refresh Access Token option and the automation script. The Refresh Access Token option tells ReadyAPI when to trigger an access token update, while the automation script simulates the needed actions on the login and consent screens.
If there is a refresh token, ReadyAPI shows the Refresh button:
 |
 |
Click the button to refresh an access token.
Important
The button is absent if there is no refresh token.
You can get a new access token in the same way you do it in the first time, by using the corresponding OAuth 2.0 grant type.
Tip
If you configure the automation script, ReadyAPI performs the needed actions in the login and consent screens even if you set the Refresh Access Token option to Manual.