For some specific use cases, the user accessToken
is needed in external systems, such as a custom back-end infrastructure, where we use the accessToken
, along with the introspect Arc API endpoint, to validate the user session.
When doing so, we need to ensure the accessToken
is valid for more than a couple of seconds before sending it, because it might otherwise expire before the custom back-end processes it.
What would be very useful is for the client to be able to know when the current accessToken
will expire, by for instance adding the expiration timestamp in the localStorage ArcId.USER_INFO
object. This would allow the FE to validate that the token is still valid for, let's say, more than 10 seconds for example, before sending it. And if not, then we can use the Identity SDK method extendSession
to refresh the token before sending the request that needs it.
This small adjustment would make many implementations much easier in our solution, as I am sure it would come handy in many more ArcXP implementations.
Thank you very much in advance for considering this for future updates.