...
- Create new Client IDs for edX-iOS-OAuth-v2-with-refresh and edX-Android-OAuth-v2-with-refresh to be used for the new versions of the mobile clients that will have support for refresh tokens.
- Run a script to extend the access token expiration time for all old mobile Clients by 100 years.
- Publicize the release of the new mobile apps and encourage old users to upgrade for "better security". (Caveat: see Why not long-lived Access Tokens?)
Authentication Flow
The OAuth authentication and refresh flow for mobile in case of login or any API call.
| Lucidchart | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|