I am trying to send a POST request to the https://apiexplorer.nationbuilder.com/ API as a side effect in a Rails controller.
As far as I can tell this API requires you to use OAuth 2.0. Is there a way to keep OAuth tokens alive forever, so that the end user doesn't have to know about third party API authentication?
I am thinking that requesting a new refresh token every X minutes in a CRON task and then storing it in either Rails server instance memory or DB (PG, Redis) might solve this issue, but if possible I would want to avoid these architecture changes.
I was also considering initializing the app with an access token and then refreshing the refresh token on every request, but what happens if no one uses the application for a long time and the access and refresh tokens expire?
EDIT:
It turns out that when it comes to the nationbuilder you can request the initial access_token and it never expires unless it is revoked.
But the general question in still ->
How would one keep expiring Oauth sessions alive on the server side without ever needing to ask for re-authentification?