Build and Secure APIs with Scala and the Play Framework

Learn how to build APIs with Scala and the Play Framework, and secure them using access tokens.


Hey everyone! We’re closing this thread for now but feel free to reopen it anytime you feel like asking a question!

It’s a useful article but it doesn’t include how to hook up automatically retrieving a new authorisation code when the the current one expires… so kind of feels unfinished

1 Like

Thanks for providing that feedback! Let me tag the article author here @steve.hobbs so he can address that once he’s online

Hey @hubca, thanks for reading.

It doesn’t cover the scenario you describe because that’s not really the responsibility of the API. It consumes the access token but is not responsible for fetching new ones when they expire.

That would normally be the responsibility of the thing that calls the API, like a web application, SPA, etc. Building that application is out of the scope of this article.

Thanks a loot for sharing it Steve!

Thanks for the response @steve.hobbs. I guess I’m looking at this as someone who has built the API with the primary objective of securely accessing our own endpoints (in our application). I’m just currently lacking knowledge of the correct way to apply the oAuth flow in order to refresh expired tokens. It’s a really useful article of course.

1 Like

Thanks for the feedback on the article!