Best practices to generate an Authentication Token

What are the best practices to generate an Authentication Token using the REST Connection object?

How to request a new token without manually editing the connection and clicking the button that reads “Request Token”?

There are multiple ways in which we can avoid clicking on the “Request Token” button to manually generate the bearer token.

  • If we have a Shared Connection where we have received a refresh token along with the access/bearer token, then we can simply run the flow which utilizes this shared connection because the REST Client will automatically use that refresh token to fetch a new access token at run-time.

  • In such situations where we don’t have a refresh token, then we can send a request to the token resource/endpoint (specified by the Platform’s API Document). We can map the received bear token value to the other endpoint’s Authorization header parameter. (Uses the URL-encoded body)

  • For all security types such as OAuth2.0 (grant type — Password, Client Credential) and Bearer Token (Basic) where the Authentication URL is not required, we can just run the flow; the access token will be generated and cached at the backend. This cached access token can then be utilized for subsequent API calls until its expiry. (Implemented in v9.0)