Google API刷新令牌限制 [英] Google API refresh token limit
问题描述
我正在开发一个应用程序,其中需要访问多个Google日历。所有这些日历都来自不同的用户。现在我正在使用OAuth2进行同步。但据我了解,每个客户端ID只能生成25个刷新令牌。
注意:将刷新令牌保存在安全的长期存储中,并且只要它们保持有效,就继续使用
。限制适用于每个客户端 - 用户组合发布的刷新
令牌的数量,以及所有客户端的每个用户
的限制数量,这些限制是不同的。如果您的应用程序请求足够的刷新令牌
以超过其中一个限制,旧的刷新令牌将停止工作。
建议,我在我的数据库中保留刷新标记。但我的问题是,如果我得到更多想要同步日历的客户,该怎么办?有什么方法可以忽略这个限制吗?当然没有。我现在想的只是创建更多的客户端ID。任何建议?
它的每个用户(客户端用户)为50。不是client_id。对于验证您的应用程序的每个人,您可以让他们对其进行验证达50次。您收到的每个刷新令牌都可以使用。 50日后,第一个将停止工作。他们也将工作长达6个月,我认为,如果没有使用6个月,它将被视为无效。
您可以让尽可能多的人使用您的客户端(client_id),并愿意认证您。你不会有任何问题。
从Google Oauth2找到的文档此处
令牌到期
您必须编写代码以预期授予的令牌可能不再有效的可能性。令牌可能因以下原因之一而停止工作:
•用户已撤销访问权。
令牌尚未使用六个月。
•用户更改了密码,令牌包含Gmail范围。
•用户帐户超过了一定数量的令牌请求。
每个客户端每个用户帐户目前有50个刷新令牌。如果达到限制,则创建新令牌会自动使最旧的令牌无效而不发出警告。此限制不适用于服务帐户。
用户帐户或服务帐户在所有客户端可以拥有的令牌总数也有较大限制。大多数普通用户不会超过此限制,但是开发人员的测试帐户可能会超过此限制。
如果您需要授权多个程序,机器或设备,则一种解决方法是限制如果您是Google Apps管理员,则可以创建其他管理员用户并使用它们授权某些客户端。
每个用户帐户授权的客户端数量为15或20。
问题:你在哪里找到这个?我想向Google报告它有点令人困惑
注意:将刷新令牌保存在安全的长期存储中并继续到
只要它们保持有效就使用它们。限制适用于每个客户端用户组合颁发的
刷新令牌的数量,以及所有客户端的每位用户
,这些限制是不同的。如果您的
应用程序请求足够的刷新标记以超过
的限制之一,则旧的刷新标记将停止工作。
I'm developing an application wherein I need to access multiple google calendars. All these calendars come from different users. And right now I am using OAuth2 for the syncing. But as I understand it, I can only generate 25 refresh tokens per client ID.
Note: Save refresh tokens in secure long-term storage and continue to use
them as long as they remain valid. Limits apply to the number of refresh
tokens that are issued per client-user combination, and per user across all clients,
and these limits are different. If your application requests enough refresh tokens
to go over one of the limits, older refresh tokens stop working.
As advised, I am keeping the refresh tokens in my DB. But my problem is, what if I get more clients who would want to sync their calendar? Is there any way to overlook the limit? Of course there isn't. What I have in mind right now is just to create more client IDs. Any advise?
Its 50 per user (client-user) as in User of your Client. Not client_id. For each person that authenticates your application you can have them authenticate it up to 50 times. Each Refresh token you receive will work. After the 50th the first one will stop working. They will also work for up to 6 months I think, if it hasn't been used for 6 months it will be invalidated.
You can have as many people use your Client (client_id) as are willing to authenticate you. You wont have any problems.
From Google Oauth2 Documentation found here
Token expiration
You must write your code to anticipate the possibility that a granted token might no longer work. A token might stop working for one of these reasons:
• The user has revoked access.
• The token has not been used for six months.
• The user changed passwords and the token contains Gmail scopes.
• The user account has exceeded a certain number of token requests.
There is currently a limit of 50 refresh tokens per user account per client. If the limit is reached, creating a new token automatically invalidates the oldest token without warning. This limit does not apply to service accounts.
There is also a larger limit on the total number of tokens a user account or service account can have across all clients. Most normal users won't exceed this limit but a developer's test account might.
If you need to authorize multiple programs, machines, or devices, one workaround is to limit the number of clients that you authorize per user account to 15 or 20. If you are a Google Apps admin, you can create additional admin users and use them to authorize some of the clients.
Question: Where did you find this? I would like to report it to Google its a bit confusing
Note: Save refresh tokens in secure long-term storage and continue to use them as long as they remain valid. Limits apply to the number of refresh tokens that are issued per client-user combination, and per user across all clients, and these limits are different. If your application requests enough refresh tokens to go over one of the limits, older refresh tokens stop working.
这篇关于Google API刷新令牌限制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
