ShareDo allows seamless integration with third-party applications, but linked services can sometimes stop working if their tokens expire. To address this, we’ve introduced the Keep Alive option. This feature ensures that linked services remain active, even during periods of inactivity. Here’s how it works and why it’s beneficial.

The Issue: Token Expiry Due to Inactivity

When you link a service in ShareDo, it typically provides two types of tokens:

• Access Token: Used for immediate access to the service.
• Refresh Token: Used to obtain new access tokens when the current one expires.

Some services, like Office 365 SharePoint, enforce a sliding window policy for refresh tokens. For example, a SharePoint token usually expires after 90 days unless you interact with the service during that period. If no activity occurs, the token isn’t renewed, leading to its expiration and a broken link to the service.

The "Keep Alive" Solution

The Keep Alive option addresses this problem by refreshing tokens, ensuring that linked services remain connected even when not actively used. This feature is available for services that use OAuth authentication with an authorisation code flow. It does not apply to API tokens or shared secrets, as these do not involve token issuance.

How "Keep Alive" Works

1. Optional Setting:
   1. Keep Alive is an opt-in feature. Users can choose to enable or disable it during the registration of a linked service.
   2. This approach ensures security by requiring explicit user consent before extending token validity without direct interaction.
2. Service Support:
   1. Services must support the SupportKeepAlive property, a boolean value indicating whether Keep Alive can be enabled.
   2. If supported, the service configuration screen displays a "Keep Alive [YES|NO]" option.
      
3. Automated Maintenance:
   1. A nightly maintenance task (Keep alive service integration links) identifies linked services with Keep Alive enabled and refreshes their tokens.
   2. If token renewal fails (e.g., the token has been revoked), ShareDo automatically unlinks the service. Users will be prompted to re-link the service upon their next login.
      

Summary

1. Service Support:
   1. The service provider must expose the SupportKeepAlive property. If this is true, the Keep Alive option will be available during configuration.
2. Token Management:
   1. Nightly maintenance tasks refresh tokens for services with Keep Alive enabled.
   2. If token renewal fails, the service is automatically unlinked, and users are notified to re-link it.
3. User Control:
   1. Users can enable or disable Keep Alive during service registration, ensuring flexibility and security.

Review

The Keep Alive option is a practical way to maintain uninterrupted integration with third-party services. By automating token management while keeping user control central, this feature ensures a balance between convenience and security. Enabling Keep Alive can help prevent token-related disruptions and improve the overall integration experience for supported services.