Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

auth models #18

Open
Davidcc opened this issue Jan 31, 2020 · 0 comments
Open

auth models #18

Davidcc opened this issue Jan 31, 2020 · 0 comments

Comments

@Davidcc
Copy link

Davidcc commented Jan 31, 2020

Hello, I read the Authentication documentation, and I understand the user OAuth flow (built more than one before). But not sure what to do with my new app... it's an Alexa skill.
A user would use my skill, that would generate some time entries that i need to post to their Harvest back-end. But a skill is not browser-based and there is no possibility of doing a token flow at that point. I do have a web application backing the skill - a user will go there, authenticate to Harvest and pull a list of Project Task assignments. That makes sense. I can store their Harvest identifiers, and even their OAuth tokens.

But how can the Lambda functions backing the Alexa Skill make authenticated Harvest API request that are identified with the skill user's account?

Maybe I need to use the tokens as set from the web portal? And if they are expired, send them back to the portal to refresh? That could be unworkable depending on the lifetime of the Harvest tokens. If their lifetime is long, I can refresh them, and the user might not need to explicitly refresh unless they go a long period of inactivity.

Any help is much appreciated
Thanks!

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant