I am currently building a client-side app which uses OAuth 2.0. The environment does not allow the data to get redirected directly to the client-side app, therefore a proxy is used to initialize and complete the OAuth flow.
The issue arises when I try to use the refresh token to renew the access token. With my limitations, this cannot happen on the server.
My questions is therefor; do the refresh token expire? If yes, what is the lifetime then? And what is my options as a workaround? I am aware of the HAPIkey, but the OAuth flow gives a much better user experience!
So the refresh tokens don't expire unless the integration is uninstalled. And the access tokens live for 6 hours. Does that help with what you're trying to do?
Thanks for the reply. So just to clarify, if an access token expires, can I still use the refresh token (after the access token has expired) to get a new one?
That's correct. So the access token will expire after 6 hours, at which point you'll need to use the refresh token to get a new access token. That refresh token won't expire, and it's how you get new access tokens. You can do that using the endpoint documented here: https://developers.hubspot.com/docs/methods/oauth2/refresh-access-token. Let me know if that makes sense or if you have any trouble getting it set up?