When you are developing an xApp, you may want to test in your local browser (e.g. with Live Reload). You can re-fetch OTT's for development purposes.
Once an OTT has been used to call the authorize endpoint and a JWT has been provided, the OTT expired and can't be used to call the authorize endpoint.
If you want to be able to re-fetch the OTT data & obtain a new JWT for a specific OTT during development, you can.
To do this:
- Open your xApp in XUMM and obtain your OTT, e.g. by displaying the
xAppTokenquery param - Grab your Device Identifier from XUMM, by going to Settings - Advanced and tap+hold (copy) your Device ID
- Whitelist your Device ID in the XUMM Developer Console, for your specific xApp on the xApp page
You can now fe-fetch OTTs & obtain a new 24h valid JWT for OTTs issued by opening your xApp on your device only.
Simply visit your own xApp URL with the ?xAppToken=... OTT you received (like XUMM would when opening the xApp in XUMM, see xApp (technical) flow) & use the OTT for a call to the authorize endpoint.
If you are not using the JWT endpoints but building using the XUMM SDK / building a DIY integration with the regular XUMM platform, you can re-fetch by crafting a special hash.