Docs
Start typing to search…

Refresh Credentials

The refreshCredentials method defines how to refresh expired or invalid authentication credentials without requiring user intervention.

Authentication methods that require refresh by default (like OAuth2) will have standard implementations of credentials refresh.

You can use this method to override the standard implementation or add refresh logic to other auth types.

Implementation

You can implement this method using JavaScript:

// File: auth/refresh-credentials.js
import axios from "axios"

export default async function refreshToken({
  credentials,
  connectorParameters,
}) {
  const response = await axios.post(
    `https://api.example.com/v1/generate-token`,
    {},
    {
      auth: {
        username: connectorParameters.clientId,
        password: connectorParameters.clientSecret,
      },
    }
  )

  const accessToken = response.data?.access_token

  if (!accessToken) {
    throw new Error("Failed to get access token")
  }

  return { accessToken }
}

In your spec.yml:

auth:
  # ...other auth settings
  refreshCredentials:
    implementationType: javascript

Input Parameters

ParameterDescription
connectorParametersParameters configured for the connector in your workspace. Includes client IDs, secrets, and other connector-specific configuration.
connectionParametersInput provided by the user in the connection UI when they set up the connection.
credentialsCurrent credentials of the connection that need to be refreshed.

Return Value

The method should return an object with the new credentials.

These will be merged with the existing credentials. For example, if you only return { access_token: "new_token" }, only the access token will be updated, and other credential fields will remain unchanged.

Token Expiration Support

To enable automatic credential refresh scheduling, include expiration information in your returned credentials:

return {
  accessToken: "new_access_token",
  refreshToken: "new_refresh_token",
  expires_in: 3600, // Token expires in 1 hour (3600 seconds)
}

Or alternatively:

return {
  accessToken: "new_access_token",
  refreshToken: "new_refresh_token",
  expiresIn: 7200, // Token expires in 2 hours (7200 seconds)
}

When expiration information is provided:

  • Membrane will automatically schedule the next refresh 5 minutes before the token expires
  • If no expiration info is provided, credentials will be refreshed every 24 hours by default
  • The minimum interval between refresh attempts is 1 minute

Updated 3 days ago