Strategies for optimizing the authentication workflow with the Nomba API.
client_id
and client_secret
, in client applications where they could be susceptible to exposure. Instead, securely store these credentials in your server application, providing an added layer of protection.
access_token
through the Obtain access token endpoint. Subsequently, use this access_token
to interact with the Nomba API. If a 401 Unauthenticated response is received, it indicates a potential expiration of the access_token
, prompting the need for renewal.
While the Obtain access token endpoint can be utilized for obtaining a new access_token
, we recommend employing the refresh token approach. Use the Refreshing access token endpoint with the refresh_token
obtained during the initial access_token
retrieval. This method streamlines the process, ensuring a seamless token refresh and providing both access_token
and refresh_token
upon success. Repeatedly refresh the token using this approach whenever the access_token
expires.
Single-instance authentication
access_token
and refresh_token
in a cache within the same instance. Subsequent instances can then retrieve the tokens from the cache, ensuring a secure and synchronized authentication process across multiple instances.
Multi-instance authentication