Hi. It depends on how you use the token really. Usually, the client SDK does this for you automatically, and you don’t have to think about it. But if you’re calling getIdToken() explicitly, and use the resulting token to make your own API calls, then you have to be aware of the token becoming invalid, and you may have to take action to refresh it.

Written by

Software engineer at Google. Enjoys working at the intersection of cloud, mobile and programming languages. Fan of all things tech and open source.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store