...
- curl -H "Authorization: Bearer INSERT_EDX_ISSUED_ACCESS_TOKEN" http://localhost:8000/api/..
Expiration
Currently, our edX-issued access tokens expire in 30 days
...
for public clients like mobile apps, and 365 days for server-side clients. These values can be overridden with the settings variables OAUTH_EXPIRE_DELTA_PUBLIC
(for public clients) and OAUTH_EXPIRE_DELTA
(for confidential clients), which each take a timedelta
object for their value.
OAuth2 -> Session Cookie
Additionally, the mobile app can exchange an access token for a session cookie that can be used in a WebView:
...