Your Achievements
Level 1
0% to
Level 2
Next /
to gain points, level up, and earn exciting badges like the new Applaud 5 BadgeLearn more!
View All BadgesSign in to view all badges
Open Alert Bar
SOLVED

Marketo API Token best practices?

Go to solution
FirstEnt_Develo
Level 2
Level 2
‎10-09-2019 09:51 AM
‎10-09-2019 09:51 AM

Marketo API Token best practices?

Hi everyone,

I'm building our connection to the API as we're just rolling out Marketo. I had a question about how to handle the token validation. 

Is the best practice to:

- hit the identity endpoint and check for a valid token each time?

- hit the identity endpoint, save when I hit it into a variable, and check if it's been an hour before every call?

- just look for a 601/602 error and if one gets returned, get a new token and try again?

Also, is the validity of the token only checked when my request comes in? As in, if I send a request with 1 second left and it takes 2 seconds, will my request complete successfully? 

Thanks!

Tags (2)
0 Likes
1,709
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎10-09-2019 10:57 AM
‎10-09-2019 10:57 AM

Re: Marketo API Token best practices?

  • hit the identity endpoint, save when I hit it into a variable, and check if it's been an hour before every call?
  • just look for a 601/602 error and if one gets returned, get a new token and try again?

A hybrid of these 2.

Definitely do not get a preemptively new token every time -- not only is this crazy overhead, it won't even work because you'll still have a race condition.

Cache the token optimistically and store the approximate age with it. But don't forcibly fetch a new token until it's at least 61 full minutes old. Trying to guess around the exact 60m mark is hopeless -- if it's under 61m, just send the request with the cached token, check for the error, and get a new token then if necessary.

Also, is the validity of the token only checked when my request comes in? As in, if I send a request with 1 second left and it takes 2 seconds, will my request complete successfully?

Yes, it's checked at the outset & the request won't error out in the middle of execution.

View solution in original post

1,628
Reply
2 REPLIES 2
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
‎10-09-2019 10:57 AM
‎10-09-2019 10:57 AM

Re: Marketo API Token best practices?

  • hit the identity endpoint, save when I hit it into a variable, and check if it's been an hour before every call?
  • just look for a 601/602 error and if one gets returned, get a new token and try again?

A hybrid of these 2.

Definitely do not get a preemptively new token every time -- not only is this crazy overhead, it won't even work because you'll still have a race condition.

Cache the token optimistically and store the approximate age with it. But don't forcibly fetch a new token until it's at least 61 full minutes old. Trying to guess around the exact 60m mark is hopeless -- if it's under 61m, just send the request with the cached token, check for the error, and get a new token then if necessary.

Also, is the validity of the token only checked when my request comes in? As in, if I send a request with 1 second left and it takes 2 seconds, will my request complete successfully?

Yes, it's checked at the outset & the request won't error out in the middle of execution.

1,629
Reply
FirstEnt_Develo
Level 2
Level 2
‎10-09-2019 01:43 PM
‎10-09-2019 01:43 PM

Re: Marketo API Token best practices?

Thanks, this was helpful

0 Likes
1,628
Reply
Home