Box Node API : Token Expired on prod

Question

Hi,
I am using the basicClient with a never expiring token to set up my box client on Node:
const client = BoxSDK.getBasicClient(process.env.BOX_TOKEN);And I am able to get both embed and download URLs locally. However, when I deploy to GCP, I keep getting the following errors (even though I have set the proper BOX_TOKEN in my production secrets):Expired Auth: Auth code or refresh token has expired [401 Unauthorized

Relevant Headers:statusCode: 401,'www-authenticate': 'Bearer realm="Service", error="invalid_token", error_description="The access token provided is invalid."''BOX-REQUEST-ID','0e4b406acf7dcc138ab7e055d3a9bf4f3'authExpired: trueI am using the same token with a rails backend and it is working fine. Any ideas what could be going on?

community-manager · Answer

Hi Adam,With all Box tokens, they will inevitably expire. Typically with most tokens (e.g. JWT, developer token, OAuth 2 token) that will be 60 minutes before it needs to be refreshed. When using the basic client I believe what might be happening is that the token is expiring and the Node SDK might not be able to handle the automatic refresh for you.For instance, if you're using a developer token then that token will expire after an hour and will not be able to be programmatically refreshed. All other tokens will need to be refreshed after that 60min period.Hope that helps.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded