Re: [google-appengine] Re: Obtaining refresh_token through offline_access scope to be used with IAP

That's great to hear José. I'm a bit new to using JWT tokens myself (having only used OAuth2 access & refresh tokens) when talking to Google APIs. One big advantage to JWT tokens is that you save API calls to both exchange a JWT for an access token as well as your case of needing to send a refresh

Re: [google-appengine] Re: Obtaining refresh_token through offline_access scope to be used with IAP

Yes, Wesley is right, in the end a refresh_token is not that necessary in this case, it suffices with self-signing a new JWT token with the exp timestamp updated, thanks! On Wed, Sep 2, 2020 at 3:26 AM wesley chun wrote: > Hi, I may not be correct in my understanding but believe that refresh >

Re: [google-appengine] Re: Obtaining refresh_token through offline_access scope to be used with IAP

Hi, I may not be correct in my understanding but believe that refresh tokens are only used in cases where you're using OAuth2 access tokens for authorization. Since you're using a self-signed JWT instead of an access token

[google-appengine] Re: Obtaining refresh_token through offline_access scope to be used with IAP

This documentation about refreshing an access token (offline access) using Google's authorization server could be helpful. On Monday, August 31, 2020 at 8:26:25 AM UTC-4 jose.c...@iota.org wrote: > I am using IAP to