I'm building our connection to the API as we're just rolling out Marketo. I had a question about how to handle the token validation.
Is the best practice to:
- hit the identity endpoint and check for a valid token each time?
- hit the identity endpoint, save when I hit it into a variable, and check if it's been an hour before every call?
- just look for a 601/602 error and if one gets returned, get a new token and try again?
Also, is the validity of the token only checked when my request comes in? As in, if I send a request with 1 second left and it takes 2 seconds, will my request complete successfully?