Every 90 days the user is required to re-authenticate an app, as mentioned here - which presents 3 problems:
- The user gets no notification that they need to re-authenticate, nor that it’s something they ever need to do.
- The API responses suddenly start returning 403’s (forbidden.insufficient_permissions) with no indication why this previously valid authentication token is now lacking permissions.
- The API docs make no reference to any of this being a thing that can happen.
I made an app that automatically sorts my salary (before the salary sorter existed in the app, and mine is more feature-rich so I still use it). This means that it only attempts to use the API once a month, so every other month I’d seemingly randomly hit this 403 problem. It was only by chance I found a link to that topic on whatever search I tried sticking in a search engine this time around.
I wasn’t even aware of the manage apps section buried within the apps settings, so I’ve manually been having to go through the entire authentication process every 3 months!
Also, how come some third party apps such as IFTTT and flux don’t need to be refreshed every 90 days? They simply state “Ongoing session” instead of “x days remaining”. Is there a way I can force my app to have an ongoing session as well?