BEE Plugin application authorization
Client ID and Client Secret
In this article, when we say "application", we mean the client application that is hosting the BEE editor, that is, the software application into which the BEE editor is being embedded by using BEE Plugin.
The BEE Plugin system uses OAuth2 as the authorization framework.
When you initialize an instance of BEE Plugin within the application, you are required to authenticate the application by passing the application's:
- Client ID
- Client Secret
If you have not already done so, you can obtain your Client ID and Client Secret by creating a new application in the BEE Plugin developer portal.
If the authentication is successful, the BEE Plugin authorization service will return a temporary access token to the client application. The token can then be used by the client application to start communicating with the BEE Plugin resource server.
The token has a duration of one minute after which it expires, for security reasons. An expired token can be refreshed for 30 minutes without re-authenticating the application.
Once the application has started communicating with the BEE Plugin resource server, the plugin will take care of refreshing the token automatically as long as someone is actively using the editor, and for 20 minutes during inactivity.
401 Authorization Errors
If a token has expired, the plugin receives a 401 error and attempts to refresh it automatically. The 401 errors are nothing to worry about as they are part of this process.
In the screenshot below, for example, you will notice:
- A call to the HTML parser, one of the services provided by the system
- The call does not go through because the token has expired (401 status)
- BEE Plugin therefore calls the authorization service to refresh the token
- It then performs the same call to the HTML parser, and this time the call is successful (200 status).
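The cycle above can be checked mechanically when triaging a network log. The following is an added example, not BEE Plugin code: it classifies each 401 by what follows it, so that only 401s outside the expected refresh cycle are flagged. The entry shape, the service names "parser" and "auth", and the sample log are constructed assumptions, and calls are assumed to be sequential.

```javascript
// Constructed sample of network-log entries (not captured from a real session).
// The entry shape and the service names "parser" and "auth" are assumptions.
const sampleLog = [
  { t: 0,   service: "parser", status: 200 },
  { t: 61,  service: "parser", status: 401 }, // token expired
  { t: 62,  service: "auth",   status: 200 }, // refresh succeeds
  { t: 63,  service: "parser", status: 200 }, // same call retried successfully
  { t: 130, service: "parser", status: 401 }, // token expired again
  { t: 131, service: "auth",   status: 401 }, // refresh rejected
  { t: 200, service: "parser", status: 401 }, // no refresh attempted at all
];

// Classify every 401 on a resource call by the two entries that follow it
// (assumes sequential calls, with no other requests interleaved).
//   "refreshed"      401 -> auth 200 -> same service 200 (the expected cycle)
//   "refresh-failed" 401 -> auth call that did not return 200
//   "no-refresh"     401 with no auth call directly after it
//   "retry-failed"   refresh worked but the retried call did not return 200
function classify401s(entries, authService = "auth") {
  const findings = [];
  for (let i = 0; i < entries.length; i++) {
    const e = entries[i];
    if (e.status !== 401 || e.service === authService) continue;
    const refresh = entries[i + 1];
    const retry = entries[i + 2];
    let verdict;
    if (!refresh || refresh.service !== authService) verdict = "no-refresh";
    else if (refresh.status !== 200) verdict = "refresh-failed";
    else if (retry && retry.service === e.service && retry.status === 200) verdict = "refreshed";
    else verdict = "retry-failed";
    findings.push({ t: e.t, service: e.service, verdict });
  }
  return findings;
}

// Only 401s that did not complete the expected cycle need a closer look.
function needsAttention(entries) {
  return classify401s(entries).filter((f) => f.verdict !== "refreshed");
}

console.log(classify401s(sampleLog));
```

A "refresh-failed" or "no-refresh" verdict is the case worth investigating, for example a session that has passed its refresh window.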