*Please note that this article contains information pertinent to future functionality that hasn't been released yet.
1. Upon opening a page with pairing applications, Timetracker performs a POST request to /api/pin/create?api-version=2. Returned object contains PIN and security_code. PIN is demonstrated to the user.
2. Client periodically checks if PIN is validated by performing GET
PIN valid for 1 minute
3. User enters PIN on web server side.
4. If PIN is validated, the server responds with “validated” as the PIN state.
5. Client performs POST request /token.
6. If server returns Invalid as state: request new token
6. Server returns object with access and refresh tokens.
A token’s lifetime is one (1) hour (3600 seconds); Refresh Token is valid for one (1) year (129600 seconds).
Diagram of the process described, above:
To obtain a new token with “Refresh Token”, perform this request:
A token is valid for SignalR until it disconnects.
Therefore, even an outdated token maintains a valid SignalR connection.