Node SDK: Client Credentials vs Auth Code for headless reporting

Building a Node.js service to pull historical queue metrics. The app has no UI, just runs on a schedule. Should I stick with client credentials or try authorization code with PKCE? The SDK’s oauth2.getAccessToken() method seems to favor client credentials by default, but I’m worried about the token lifespan and rotation logic if the app goes down for maintenance.

Here’s the current setup:

const genesys = require('@genesyscloud/genesyscloud-node');
genesys.init({
 clientId: process.env.GENESYS_CLIENT_ID,
 clientSecret: process.env.GENESYS_CLIENT_SECRET,
 env: 'us-east-1'
});

If I switch to authorization code, I’d need to handle the redirect flow manually, which feels clunky for a background worker. Is there a clean way to refresh client credentials tokens without hardcoding the secret in the worker process? Or should I just accept the 1-hour expiry and handle the 401s gracefully?
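
The "accept the expiry and handle the 401s" option from the question, as an added example that is not part of the original post and does not call the Genesys SDK. The client credentials grant normally issues no refresh token, so renewal means requesting a new token shortly before expiry and once more if the API answers 401. `TokenCache`, `withToken`, and the injected `fetchToken` are hypothetical names; `fetchToken` is assumed to make the token request, reading the secret from the environment or a secret store at call time, and to resolve to the standard `{ access_token, expires_in }` response.

```javascript
// Added example, not SDK code. fetchToken is a hypothetical injected function (see lead-in).
class TokenCache {
  constructor(fetchToken, { skewMs = 60_000, now = Date.now } = {}) {
    this.fetchToken = fetchToken;
    this.skewMs = skewMs; // renew this long before the stated expiry
    this.now = now;       // injectable clock
    this.token = null; this.expiresAt = 0;
    this.inflight = null; // shared promise: concurrent callers cause one request
  }
  async get() {
    if (this.token && this.now() < this.expiresAt - this.skewMs) return this.token;
    if (!this.inflight) {
      this.inflight = this.fetchToken()
        .then(({ access_token, expires_in }) => {
          this.token = access_token;
          this.expiresAt = this.now() + expires_in * 1000;
          return access_token;
        })
        .finally(() => { this.inflight = null; });
    }
    return this.inflight;
  }
  // Drop the cached token only if it is the one the API rejected.
  invalidate(rejected) {
    if (this.token === rejected) { this.token = null; this.expiresAt = 0; }
  }
}
// Runs call(token); on a 401, discards that token, gets a new one, retries once.
async function withToken(cache, call) {
  let token = await cache.get();
  let res = await call(token);
  if (res.status === 401) {
    cache.invalidate(token);
    token = await cache.get();
    res = await call(token);
  }
  return res;
}
// Constructed demo: fake token endpoint, fake API that rejects the first token.
async function demo() {
  let issued = 0, clock = 0;
  const fetchToken = async () => ({ access_token: `tok-${++issued}`, expires_in: 3600 });
  const cache = new TokenCache(fetchToken, { now: () => clock });
  await Promise.all([cache.get(), cache.get()]); // one token request, not two
  const res = await withToken(cache, async (t) => ({ status: t === 'tok-1' ? 401 : 200, token: t }));
  clock = 3_570_000; // 30 s before expiry, inside the 60 s skew
  const renewed = await cache.get();
  return { issued, status: res.status, used: res.token, renewed };
}
```

A single retry keeps a revoked or misconfigured client from looping against the token endpoint; a second 401 is returned to the caller to log and alert on.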