Hello, I’m creating a private app, and when performing the “install” process, I try to retrieve the access_token through OAuth (a request to https://accounts.crowdin.com/oauth/token with grant_type set to crowdin_app). It returns the access_token, which expires in 2 hours, but it does not return any refresh_token, meaning that after 2 hours, my private app will stop working.
I tried using authorization_code as the grant_type, but it doesn’t even return the access_token.
To give more context, this is the response:
{
token_type: 'Bearer',
expires_in: 7200,
access_token: 'token...'
}
I’m following this docs: Quick Start | Developer Portal
const oauthPayload = {
grant_type: "crowdin_app",
client_id: process.env.CLIENT_ID,
client_secret: process.env.CLIENT_SECRET,
app_id: req.body.appId,
app_secret: req.body.appSecret,
domain: req.body.domain,
user_id: req.body.userId,
};
const token = await axios.post(process.env.AUTH_URL, oauthPayload);
console.log(token)
Hi @kavehome , let us check this with the tech team and come back
Thx! I’ve been reviewing this, and I think we might want to update the documentation. While it mentions the refresh token, it later states that if the token expires, a new access token must be generated in the same way as the original one.
I’ll try to submit a PR on your GitHub to update the documentation
Hi,
This grant type does not require a refresh token. crowdin_app grant type uses a special flow. indeed, if you call this method again, a new token would be issued.
Crowdin has an application development framework (currently not public). This framework abstracts a lot of the API away from the developer and allows you to focus on the features you want to develop. I highly recommend a quick call with the team where we can give you a presentation and also provide all the SDKs.