Jan. 17, 2024
When generating the User API Token, can we streamline the process of accessing it? A couple of proposals would be 1. We detect that the current token is expired, so we open EDGAR to a specific url (something like filingmanagement.sec.gov/api/usertoken?postbackUrl={some value provided by us}). Since the user will be authenticated, when they land on the URL, EDGAR would then POST to the postbackUrl with the new token in the body. There would need to be some hand shaking performed before redirect, but this would allow applications to "auto" renew the token without user interaction. 2. Allow opening a specific URL that expands the "User API Token" so the user does not have to hunt for it.