It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to get a forever token?

I sell products online through a website I wrote. To manage my fulfilment flow, when a purchase is made I want my app to automatically create a card on a trello list.

I've managed to do everything okay except that after a few minutes the token that I was using expires, even though I thought I had created a token that would never expire.

I can't manually authenticate every time an order comes in.

Here's the code I've written to generate tokens. (Oauth1).

Step 1 (one time): Get a manually authorized resource owner key, resource owner secret, and verifier.

import requests
from requests_oauthlib import OAuth1Session
oauth = OAuth1Session(CLIENT_KEY, client_secret=CLIENT_SECRET)
fetch_response = oauth.fetch_request_token(REQUEST_TOKEN_URL)
resource_owner_key = fetch_response.get('oauth_token')
resource_owner_secret = fetch_response.get('oauth_token_secret')

print(f'resource_owner_key: {resource_owner_key}')
print(f'resource_owner_secret: {resource_owner_secret}')
auth_url = oauth.authorization_url(AUTHORIZE_TOKEN_URL, scope='read,write', expiration='never') # expiration never
print(auth_url)
# Now manually authenticate in browser using this URL. Record resource owner

 Step 2 (every time): Use resource owner key, resource owner secret, and verifier to generate a token.

oauth = OAuth1Session(CLIENT_KEY,
client_secret=CLIENT_SECRET,
resource_owner_key=RESOURCE_OWNER_KEY,
resource_owner_secret=RESOURCE_OWNER_SECRET,
verifier=VERIFIER)
oauth_tokens = oauth.fetch_access_token(ACCESS_TOKEN_URL)
token = oauth_tokens.get('oauth_token')

 Step 3: Use token in POST request to make card.

This all works fine for a few minutes, then I get the error: 

requests_oauthlib.oauth1_session.TokenRequestDenied: Token request failed with code 500, response was 'token not found'.

 I thought that token was last forever? I can still see under my account details on Trello:

An unknown application
  • read and write access on all your boards
  • read and write access on all your teams

Approved: today at 6:30 AM
Never Expires

1 answer

1 accepted

1 vote
Answer accepted

Solved - I was doing everything right, just that Step 2 should only be done once. I thought I had to generate a new token every time, but the token gotten at the 'token = ' line is actually good to save off and use forever.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Trello

Develop a new Habit during Lockdown

If you had to thrive a new habit during a lockdown, what would it be? Trello

1,622 views 15 6
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you