Learn how to build APIs with Scala and the Play Framework, and secure them using access tokens.
Hey everyone! We’re closing this thread for now but feel free to reopen it anytime you feel like asking a question!
It’s a useful article but it doesn’t include how to hook up automatically retrieving a new authorisation code when the the current one expires… so kind of feels unfinished
Thanks for providing that feedback! Let me tag the article author here @steve.hobbs so he can address that once he’s online
Hey @hubca, thanks for reading.
It doesn’t cover the scenario you describe because that’s not really the responsibility of the API. It consumes the access token but is not responsible for fetching new ones when they expire.
That would normally be the responsibility of the thing that calls the API, like a web application, SPA, etc. Building that application is out of the scope of this article.
Thanks a loot for sharing it Steve!
Thanks for the response @steve.hobbs. I guess I’m looking at this as someone who has built the API with the primary objective of securely accessing our own endpoints (in our application). I’m just currently lacking knowledge of the correct way to apply the oAuth flow in order to refresh expired tokens. It’s a really useful article of course.
Thanks for the feedback on the article!
The dependencies in the example are very out of date, and the jwt-scala API has changed since the blog was written. I have opened a pull request to update dependencies here: https://github.com/auth0-blog/scala-api-sample/pull/1.