The functions in codeunit 501 "OAuth2" provide "Access Tokens", but they don't provide the expiry time of the access token, which is assigned by the API to token.
As a new token must be requested once the expiry time of a token is reached, this expiry information is important to write API integrations using OAuth2 flows.
Could the codeunit be changed by providing functions that return the expiry time as an additional parameter to the access token?
Comments
Apologies for the duplicate comment.The text did not display as I intended after I clicked Submit.Briefly: From my perspective, access to token expiration information is essential, so codeunits like codeunit 560 "CrossIntercompany Connector" in "Base Application W1-25" should avoid using constants like StandardExpirationInSeconds := 3599 to store "Token Expiration Time".
Category: General
When the warning `"AL0432: Method 'AcquireTokenWithClientCredentials' is marked for removal. Reason: Use AcquireTokenWithClientCredentials with SecretText data type for AccessToken.. Tag: 24.0."` appears, I notice that I can no longer retrieve information about token expiration.Searching within "Base Application w1-25," I found an example in Codeunit 560, **CrossIntercompany Connector**, where expiration is handled using a constant `StandardExpirationInSeconds := 3599`.```al internal procedure GetBearerAccessToken(var ICPartner: Record "IC Partner"): SecretText var Token: SecretText; begin if (ICPartner."Token Expiration Time" Token := AcquireBearerAccessToken(ICPartner); if StoreTokenInICPartner then begin ICPartner.SetSecret(ICPartner."Token Key", Token); ICPartner."Token Expiration Time" := CurrentDateTime + StandardExpirationInSeconds; // StandardExpirationInSeconds is a constant. ICPartner.Modify(); end end else Token := ICPartner.GetSecret(ICPartner."Token Key"); exit(Token); end;```I'm concerned about cache issues when changing App registration because the `OAuth2` Codeunit, as I recently discovered, manages expiration internally. Knowing access token details and expiration time feels essential from my perspective.
Category: General
When the warning `"AL0432: Method 'AcquireTokenWithClientCredentials' is marked for removal. Reason: Use AcquireTokenWithClientCredentials with SecretText data type for AccessToken.. Tag: 24.0."` appears, I notice that I can no longer retrieve information about token expiration.Searching within "Base Application w1-25," I found an example in Codeunit 560, **CrossIntercompany Connector**, where expiration is handled using a constant `StandardExpirationInSeconds := 3599`.```al internal procedure GetBearerAccessToken(var ICPartner: Record "IC Partner"): SecretText var Token: SecretText; begin if (ICPartner."Token Expiration Time" Token := AcquireBearerAccessToken(ICPartner); if StoreTokenInICPartner then begin ICPartner.SetSecret(ICPartner."Token Key", Token); ICPartner."Token Expiration Time" := CurrentDateTime + StandardExpirationInSeconds; // StandardExpirationInSeconds is a constant. ICPartner.Modify(); end end else Token := ICPartner.GetSecret(ICPartner."Token Key"); exit(Token); end;```I'm concerned about cache issues when changing App registration because the `OAuth2` Codeunit, as I recently discovered, manages expiration internally. Knowing access token expiration time feels essential from my perspective.
Category: General
I just learned from another developer that the dotnet componend used by this codeunit is handling the expiry time internally and returns the Access Token from cache or requests really new if old one is expired. Would be good to get this documented somehow from MS side ...
Category: General
Business Central Team (administrator)
Thank you for this suggestion! Currently this is not on our roadmap. We are tracking this idea and if it gathers more votes and comments we will consider it in the future. Best regards, Business Central Team