A long-lived access token for github app (not oauth)

Hi Githubbers,

Currently, I can use the installation id to obtain the access token, which, in turn, allows me the access the content of a repo. However, the access token only lives for 1 hour.

How should I handle the case where I want to read the content of a repo later in time, maybe days later?

Thank you,

Tanin

@tanin47 You should be able to achieve what you are describing with the existing API. You can generate new installation tokens whenever you want, so in your code, maybe generate a new installation token every time you execute your script/job?

2 Likes

@abinoda Just to clarify. Do you mean storing the installation id to use at a later time?

You are right. We can save the installation id.

It seems a formal way is explained here: https://developer.github.com/apps/building-github-apps/identifying-and-authorizing-users-for-github-apps/

Basically, we ask user to login and obtain the OAuth access token. We, then, get all the installation ids that the user can access through /user/installations?access_token=…. Then, we can obtain Github app access token from these installation ids.