Hi - I’m developing an addon and would like to make requests against the jira REST API after the user has left the session (similar to the goal of a once daily data import). I know that the JWT has an expiry of 15 minutes and I can use the JWT to get a new JWT.
Is there any way to do this that doesn’t include refreshing the JWT prior to that expiry every 15 minutes? Or is this simply an antipattern?
Thanks!
Jason
Hi @JasonImmerman, welcome to the community. Access tokens will expire at the 15 minute mark, so you’ll need to refresh. Details in the docs on user impersonation: https://developer.atlassian.com/cloud/jira/platform/user-impersonation-for-connect-apps/
Thanks @nmansilla. Understood on both the JWT flow and the OAuth2 flow for impersonation. However, both have expiry’s defaulting to 15 minutes, and no longer-lived refresh token (so I can only refresh the token before the current token expires).
If I wanted to perform some nightly job that interacts with the jira REST API, would I need to refresh the token every 14 minutes (or whatever interval < 15 minutes) 24 hours per day 7 days per week for each user in order to achieve my goal, or is there a less fragile solution?