Hacker News
by wisdomtt 1589 days ago
When a consumer logs in with our application we save their access/refresh tokens. We can use these keys to keep a long-lived session such that an app using our API should never have to re-auth their users again. The only instance where a session may need to re-auth is if their password gets changed, or some equivalent account modification such that the long-lived refresh tokens expire. We specifically chose to integrate with institutions with refreshable tokens directly in order to maintain secure, non-buggy connections.