Hey @DanielReed,
Could you clarify if this is the result of RFC-34? Or, is that treated separately?
Developers can configure scheduled triggers to periodically deliver new access tokens with a longer expiry time of 4 hours. These tokens can then be cached for later use to authenticate requests with Atlassian APIs.
The above mitigates the issue of a remote not having access to Forge APIs at any time. However, if the remote does not have a cached access token for some reason, it still cannot get a new token on its own and has to wait for the subsequent scheduled trigger request. Is that correct, or do I miss something?