diff --git a/packages/developer-portal/src/components/apps/new/__tests__/__snapshots__/helper-content.test.tsx.snap b/packages/developer-portal/src/components/apps/new/__tests__/__snapshots__/helper-content.test.tsx.snap
index 8a08694727..22235f6992 100644
--- a/packages/developer-portal/src/components/apps/new/__tests__/__snapshots__/helper-content.test.tsx.snap
+++ b/packages/developer-portal/src/components/apps/new/__tests__/__snapshots__/helper-content.test.tsx.snap
@@ -113,6 +113,16 @@ exports[`HelperContent should match a snapshot 1`] = `
please click here.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -136,6 +146,19 @@ exports[`HelperContent should match a snapshot 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -560,6 +632,19 @@ exports[`HelperContent should match a snapshot 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -691,6 +701,19 @@ exports[`AppsNew should match a snapshot 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -1689,6 +1751,16 @@ exports[`AppsNew should match a snapshot 1`] = `
please click here.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -1712,6 +1784,19 @@ exports[`AppsNew should match a snapshot 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -2106,6 +2230,50 @@ exports[`AppsNew should match snapshot for mobile view 1`] = `
+
+
+
+
+ Important changes to refresh tokens
+
+
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. Apps registered prior to this date were given reusable refresh tokens from Reapit Connect. New apps will only be given single use refresh tokens as part of enhanced security updates.
+
+
+ For more information about this change,
+
+
+ please click here.
+
+ Any apps registered prior to this date are unaffected by this change.
+
+
+
+
+ Close
+
+
+
+
+
@@ -2776,6 +2944,16 @@ exports[`AppsNew should match snapshot for mobile view 1`] = `
please click here.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -2799,6 +2977,19 @@ exports[`AppsNew should match snapshot for mobile view 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -3797,6 +4027,16 @@ exports[`AppsNew should match snapshot for mobile view 1`] = `
please click here.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+ Apps registered prior to this date are unaffected by this change.
+
@@ -3820,6 +4060,19 @@ exports[`AppsNew should match snapshot for mobile view 1`] = `
>
Your application can be authenticated against our Platform either on the client-side or server-side. If you choose client-side authentication at the next step but later wish to upgrade to a full AgencyCloud integration in the future, you can do this. However, it is important to note, server-side integrations cannot be launched from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it can handle rotating refresh tokens. For more information about this change,
+
+
+ please click here.
+
+
+ Apps registered prior to this date are unaffected by this change.
+
diff --git a/packages/developer-portal/src/components/apps/new/helper-content.tsx b/packages/developer-portal/src/components/apps/new/helper-content.tsx
index 5ed6a94670..1a9fe23a68 100644
--- a/packages/developer-portal/src/components/apps/new/helper-content.tsx
+++ b/packages/developer-portal/src/components/apps/new/helper-content.tsx
@@ -140,6 +140,12 @@ export const HelperContent: FC = () => {
simply link out from your integrated app or render a pre-existing app in an iframe. For more information
on the requirements, please click here.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure
+ it can handle rotating refresh tokens. For more information about this change,{' '}
+ please click here. Apps registered prior to
+ this date are unaffected by this change.
+
@@ -155,6 +161,14 @@ export const HelperContent: FC = () => {
in the future, you can do this. However, it is important to note, server-side integrations cannot be launched
from within AgencyCloud.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it
+ can handle rotating refresh tokens. For more information about this change,{' '}
+
+ please click here.
+ {' '}
+ Apps registered prior to this date are unaffected by this change.
+
Data Portal and Reporting Feeds
@@ -218,6 +232,14 @@ export const HelperContent: FC = () => {
to investigate which data sets and permissions you will need before getting started.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it
+ can handle rotating refresh tokens. For more information about this change,{' '}
+
+ please click here.
+ {' '}
+ Apps registered prior to this date are unaffected by this change.
+
Using Reapit Connect as an Identity Provider
@@ -232,6 +254,14 @@ export const HelperContent: FC = () => {
interested in using our Sign In With Reapit button to embed on your own site{' '}
visit here
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it
+ can handle rotating refresh tokens. For more information about this change,{' '}
+
+ please click here.
+ {' '}
+ Apps registered prior to this date are unaffected by this change.
+
Client Side Apps
@@ -250,6 +280,14 @@ export const HelperContent: FC = () => {
Create React App Template for quick start client-side
development.
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it
+ can handle rotating refresh tokens. For more information about this change,{' '}
+
+ please click here.
+ {' '}
+ Apps registered prior to this date are unaffected by this change.
+
Server Side Apps
diff --git a/packages/developer-portal/src/components/apps/new/index.tsx b/packages/developer-portal/src/components/apps/new/index.tsx
index 72b891f5ff..e7ed54c586 100644
--- a/packages/developer-portal/src/components/apps/new/index.tsx
+++ b/packages/developer-portal/src/components/apps/new/index.tsx
@@ -1,4 +1,5 @@
import {
+ BodyText,
Button,
ButtonGroup,
ColResponsive,
@@ -14,7 +15,7 @@ import {
useMediaQuery,
useModal,
} from '@reapit/elements'
-import React, { Dispatch, FC, SetStateAction, MouseEvent, useEffect, KeyboardEvent } from 'react'
+import React, { Dispatch, FC, SetStateAction, MouseEvent, useEffect, KeyboardEvent, useState } from 'react'
import { AppAuthFlow, AppNewStepId, getAppWizardStep } from './config'
import { AppWizardState, useAppState } from '../state/use-app-state'
import { ControlsContainer, StepContainer } from './__styles__'
@@ -42,6 +43,7 @@ import { NavigateFunction, useNavigate } from 'react-router-dom'
import { HelperContent } from './helper-content'
import { defaultAppWizardState } from '../state/defaults'
import { Helper } from '../page/helper'
+import { ExternalPages, openNewPage } from '../../../utils/navigation'
export interface CreateAppFormSchema {
redirectUris?: string
@@ -228,8 +230,32 @@ export const AppsNewPage: FC = () => {
const { headingText, headerText, iconName } = getAppWizardStep(currentStep)
+ const [refreshRotationModelIsOpen, setRefreshRotationModelIsOpen] = useState(true)
+
return (
+ setRefreshRotationModelIsOpen(false)}
+ >
+
+ From November 2024, when registering an app that uses the authorisation code authentication flow, ensure it
+ can handle rotating refresh tokens. Apps registered prior to this date were given reusable refresh tokens from
+ Reapit Connect. New apps will only be given single use refresh tokens as part of enhanced security updates.
+
+
+ For more information about this change,{' '}
+ please click here. Any apps registered prior to
+ this date are unaffected by this change.
+
+
+
+
+
+
(event?: MouseEvent) => {