Oauth2 Access tokens

Hi all.
Fairly new to this so thought I would ask the question. Looking to embed the API into my website to automatically look for new transfers that appear in my account but realize that an access token is required. From researching it appears that these only last around 30-33 hours so would constantly need refreshing.
Is there a way that this can be done automatically to get the access token, or is it going to need to be something manual - click to reauthenticate after the 33 hours?

Presumably you’re a dev. If so, you need to determine yourself whether the token is still valid (e.g not expired). And request a new one if it’s expired before calling the API.

A nice pattern for this is replacing the curl / fetch method with your own MonzoApiRequest function that just calls the API (with the token) if the token is still valid, else request a new token and then call the API.

Hope that makes sense.

When you originally create the tokens in the Monzo Developer areas there is an option called “Confidentiality”.

If you set this to “Confidential” when you use the token details you will be provided with a refresh token. You are also provided details of when the token expires. You should store these details.

In your code, prior to making API calls you would check to see if the expiry date is soon or in the past, if it is you would request a new token which would again provide a new token, expiry and refresh token which you should use for new API calls.

Following the above the only intervention you would have is when creating and exchanging the original token the rest can be done fully in code.

Out of interest what backend language are you using for creating your webpage? You may find that packages already exist for your language of choice that will take a lot of the hard work out of it.