We are currently exploring workflow development on top of CDF python SDK. The client secret is used in the workflow code in order to connect with CDF project instance. This client secret is bound to expire after predefined interval. It will incur production downtime and manual intervention in order to update the secret.
Can we have or do we have some concept similar to refresh tokens in CDF Python SDK.
Ardash,
I read 2 concerns here, One is refresh for a long running process and the other is secret rotation. For long running processes with the Python SDK, it’s my understanding that the token will (should) be refreshed via the SDK. The secret you use for running the workflow should be managed (stored and rotated) externally as any other secrets.
Hope this helps :)
Jason
Hi
Can you not use a standard approach to managing the OAuth refresh_token in the environment, or is this a request for some way of automating the refresh process (asynchronously?), alternatively some SDK specific way of storing the refresh token for when it’s needed, outside of your own application/script/program?
Hi
Hi Carin & Thomas,
Thank you. The explanation provided by Jason has clarified my understanding. I will get in case of any additional questions.
Regards,
Adarsh
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Check the
documentation
Ask the
Community
Take a look
at
Academy
Cognite
Status
Page
Contact
Cognite Support