AUTHORIZATION Validity of Access Tokens - Medisana/vitadock-api GitHub Wiki

With the Access Token/Secret pair the Consumer can access the data connected to the VitaDock Online User. Please note that this Access Token can become invalid due to various reasons:

  • The VitaDock Online User has revoked the permission by logging into VitaDock Online and unmarked the corresponding entry of your Application.
  • The Access Token was set only to a limited number of accesses.
  • The VitaDock Online User has changed his password.
  • Other security reasons (e.g. no use for many months, major security update etc.)

Figure 1 shows a possible implementation of the _Consumer _where it checks whether the Access Token is still valid and asks the VitaDock Online User for a new authentication if necessary. Alternatively (currently under construction), when using the monitoring URL, your application can be notified whenever an Access Token becomes invalid (see Figure 2).

Data access by a Consumer Figure 1 - Data access by a Consumer

Subscription business process Figure 2 - Notification process when token becomes invalid