Is the Python Platform SDK supposed to handle OAuth token refresh transparently, or do I still need to manually implement a refresh loop?
I’ve been maintaining a Kotlin Android app using the Genesys Web Messaging SDK for three years now, and the token handling there is pretty explicit. I’m currently porting a backend service to Python to handle some server-side conversation routing logic. I’m using the genesyscloud Python SDK v2.1.4.
My understanding from the docs was that the SDK manages the refresh_token lifecycle automatically. However, when I instantiate the Configuration object and pass in my client_id and client_secret, the initial get_access_token() call works fine. The issue arises when the access token expires (usually after 3600 seconds).
Here’s the setup:
from genesyscloud.rest import Configuration
from genesyscloud.conversations_api import ConversationsApi
config = Configuration()
config.client_id = "my_client_id"
config.client_secret = "my_client_secret"
config.oauth_client_id = "my_client_id"
config.oauth_client_secret = "my_client_secret"
# I'm not passing a refresh_token here, assuming the client credentials flow handles it?
conversations_api = ConversationsApi(api_client=ApiClient(config))
# Later, after 1 hour...
try:
conversations = conversations_api.get_conversations(
expand=['routing', 'wrapup', 'participants', 'media', 'events']
)
except Exception as e:
print(f"Error: {e}")
When the token expires, the SDK throws a 401 Unauthorized error on subsequent calls. I expected the SDK to catch this, use the stored refresh token (or client credentials) to get a new access token, and retry the request automatically. Instead, it just fails.
I tried manually calling config.refresh_token() before the API call, but that method doesn’t seem to exist on the Configuration object in this version. I also tried passing a refresh_token string obtained from the initial OAuth response, but the SDK ignores it or throws a validation error if the format isn’t exact.
Am I missing a specific flag in the ApiClient initialization? Or do I really have to wrap every API call in a try-except block that catches 401s and manually re-authenticates? That feels like a step backward from the Kotlin SDK’s behavior.
Any code examples of how you’re handling long-running processes with the Python SDK?