To execute queries to API, a transfer of accessToken in Authorization heading is required.
Getting an access token
To get an access token use tokens.make method.
You’ll need to specify data from My Account: email, password and appId.
In return you’ll get a pair of tokens (accessToken and refreshToken):
- accessToken - Valid for 24 hours. Required for executing queries to API.
- accessTokenEndTime - accessToken expiration time (unix timestamp).
- refreshToken - Valid for 14 days. Required for acquiring a new pair of tokens (prolongation of access).
- refreshTokenEndTime - refreshToken expiration time (unix timestamp).
Acquired tokens should be saved on app side for possibility to execute queries to API subsequently and access prolongation (getting a new pair of tokens).
Prolongation of access token
To prolongate the access (get a new pair of tokens), use tokens.refresh method.
In return you’ll get a fresh pair of tokens.
Acquired tokens should be saved on app side for possibility to execute queries to API subsequently and access prolongation (getting a new pair of tokens).
Recommendations on access token prolongation
We have encountered cases when application developers "just in case" before each query to API over again got an access token by calling tokens.make. This scenario is wrong, it creates unnecessary load. The same applies to scenarios with automatic update of tokens once per hour or once per a day - it’s unnecessary.
If you save a pair of tokens - accessToken and refreshToken - on app side, you simply execute a query to API specifying saved accessToken (assume you saved the accessToken but failed to save the date and time of its expiration). If the token is no longer valid, you’ll get the following error in return:
{
"success": false,
"error": {
"code": "ApiInvalidTokenError",
"message": "Invalid Token"
}
}
This is the moment you need to execute query tokens.refresh with saved earlier refreshToken to get new accessToken and refreshToken. Save a new pair of tokens on app side and then repeat your query to API with new accessToken.
Limitations for acquiring access tokens
Acquiring of new tokens by tokens.make method is limited.
100 tokens in a day are available for email-appId.