Get the User Access Token - Flutter SDK
GraphQL is deprecated. Learn More.
Every User object contains a JWT token that you can use to access Atlas App Services.
You can use the access token to query the Atlas GraphQL API from your client application. Use any GraphQL client to query the Atlas GraphQL API, such as graphql_flutter. To learn more about setting up and querying the Atlas GraphQL API, refer to Atlas GraphQL API [Deprecated] in the App Services documentation.
Retrieve the Access Token
You can get the access token with the User.accessToken property.
final token = app.currentUser?.accessToken;
Refresh the Access Token
The access token expires 30 minutes after a user logs in. It does not refresh automatically. Refresh it with User.refreshCustomData().
Future<String> getValidAccessToken(User user) async { // An already logged in user's access token might be stale. To // guarantee that the token is valid, refresh it if necessary. await user.refreshCustomData(); return user.accessToken; }
You can also periodically refresh the access token
with Timer.periodic()
from the dart:async
library. Wrap the call to User.refreshCustomData()
with the timer's callback function.
// Refresh the token every 29 minutes Timer.periodic(Duration(minutes: 29), (_) { app.currentUser?.refreshCustomData(); });
Refresh Token Expiration
Refresh tokens expire after a set period of time. When the refresh token expires, the access token can no longer be refreshed and the user must log in again.
If the refresh token expires after the realm is open, the device will not be able to sync until the user logs in again. Your sync error handler should implement logic that catches a token expired error when attempting to sync, then redirect users to a login flow.
For information on configuring refresh token expiration, refer to Manage User Sessions in the App Services documentation.