OAuth 2.0 API for backend sever call without login / redirect

Question

For example, the API: https://developers.google.com/apis-explorer/#p/calendar/v3/calendar.calendarList.list?_h=4& need to use OAuth 2.0 to authorize before making the call.

But what if I want to set up a cron job in the server and fetch the API periodically? Can I assume the access token remain unchanged all the time? (Unless I revoke it manually)

Answer 1

The access token has a limited lifetime. When it expires, you can programatically get a new access token by using the refresh token. Practically what that means, is that once access is authorized, it will work without user input until access is revoked.

Answer 2

Use service accounts.

You can request an access token at the beginning of each job and cache it for the duration of the job, or store it somewhere. Make sure its encrypted.

Any calls to the server should always be prepared for the access token to be revoked. In that case, obtain a new access token and try the request again. If it fails more than a certain number of times, stop and assume something is wrong with your setup.