Renewing web based authentication tokens

Topics: Developer Forum
Jul 23, 2010 at 7:16 PM
If the authentication token has expired or extra permissions are requested, the user is prompted as before for renewal. Is any API or methods can be used without going through 2nd time authentication from user?
Jul 24, 2010 at 12:42 AM
From Flickr API doc: http://www.flickr.com/services/api/auth.spec.html >>Authentication tokens can be set to expire by the user when they authenticate against the application. This is an advanced feature, hidden by default. Options are 1 hour and never. This may be set for different applications by policy in the future. >> Any one know how to set token never expire?
Coordinator
Jul 26, 2010 at 9:57 AM

Even though the spec says there is an option to set token's to expire after 1 hour I have never seen this option, nor heard of it being used. Currently therefore permission is either given, or revoked.

There is no way to unrevoke permissions or change permissions without going through authentication again, as this would be a security risk.

Sam