I feel as though I’m missing something here:
- I have a continuing requirement to collect events from Cores calling Spark.publish(). The collector is in a data centre and not part of a web app with users. (It is, in effect, a cron job calling curl.)
- The 90-day API token expiry makes sense for end-user devices: the user is right there, ask for a password if the token has expired.
- This is not true for a non-end-user device/application (notably: a server of some sort which is also a client of the Spark API and which does not present a user-interface).
- To date I’ve been setting calendar reminders to manually re-generate tokens, however this is far from ideal.
- I had assumed that spark-cli dealt with this and finally got around to looking at spark-cli today but note that it only stores the token anyway.
- So far as I can tell, the only way to do this is to store the username and password (which rather defeats much of the purpose of using tokens in the first place) and hand-code something to perform a login-and-generate-new-token operation more frequently than every 90 days.
Have I missed something? What is the recommended strategy for a permanent client in a non-end-user device?