Hi,
We built a Freshdesk custom app that uses OAuth tokens to validate requests to our side. However, we have noted the custom app doesn’t trigger login screen for the agent to reauthenticate themselves after their oauth token expires even after 401 - Unauthorized http response codes are sent back from our side because of the expired token. Please advise or help on where the issue could be
Hi @collin,
Thanks for bringing this to our notice. Can you share more details of the app and also oauth_configs.json without the credentials values?
Hi @zach_jones_noel ,
The oauth_configs.json looks like so:
{ "client_id": "xxxxxxxxxxx", "client_secret": "xxxxxxxxxxx", "authorize_url": "https://{{azure-authorize-api}}", "token_url": "https://{{our-internal-token-api}}", "token_type": "agent", "options": { "scope": "openid" } }
By the way, this is a continuation of this previous topic where you were involved in the discussion until it was discovered that a bug was causing the issue.
Thanks for sharing the details, @collin.
I don’t think at this point it has a re-authorization flow. However, whenever the tokens expire, the platform refreshes them.
A small hack if tokens are not refreshing is, clearing the localstore values should enforce the auth flow for an agent to authenticate.
Hi @zach_jones_noel ,
Thanks for the feedback and pro-hack, indeed that’s exactly what we’ve been doing as techies to manually trigger re-authentication flow, we were hoping there was an automated way to achieve this since unfortunately our target audience, the agents, might not be that tech savvy to know where to find localstores on their browsers and which artefact to delete for that matter. Would you know when this capability would be added to the platform as it looks quite crucial for custom app authentication flow?
Hey @collin,
I don’t have the timelines as of now given it’s close to the Holiday season, I can update you about it during Jan. I Hope that is fine.