We currently have a tool which has worked for 2 years using the FreeAgent API. Our latest use of the tool did not produce the results we expected. We think we have narrowed it down to the expiration time of the S3 URL, which appears to be 30 seconds.
Is the expiration date of the URL something that was changed recently?
Can the expiration date be extended?
Thanks for your message and sorry to hear you’ve had some trouble with your integration. I’ve checked with our teams internally and we recently reduced the TTL on our Amazon S3 URLs to 30 seconds, based on feedback from an independent Penetration Test of FreeAgent’s infrastructure.
From your description of the problem, I wonder if your integration currently compiles a list of files to be fetched and then downloads from S3 in a batch process? I’m afraid tweaking the TTL of the links isn’t currently available via the API. Would you be able to update your integration to download the files on-the-fly, before the S3 links have time to expire?
I hope this helps and sorry for the confusion, Jonathan!
Thanks for the insights on the changes.
We have implemented a workaround that seems to be working now. The solution we came up with is to make a request against the attachment URL in a synchronous way, which should fingers crossed mean we get the attachment back in time.
You mentioned that
… tweaking the TTL of the links isn’t currently available via the API
is this something that will be available in the future?
Great to hear you managed to update your integration
Honestly, I don’t think we have any plans to increase the TTL on our S3 links - the links are deliberately short-lived to prevent unauthorised access to assets should the URLs fall into the wrong hands. I will, however, be keeping an eye out for other API users encountering issues like yourself so we strike the right balance between security and convenience.
Thanks again for your feedback and glad to hear you’re back up and running.
I’ve just been bitten by this. Dropping from 1 year to 30s was quite a jump…
It’d be good to have this documented a bit more clearly - the docs say there’s a field with the expiration time in, but doesn’t mention the default, and the sample JSON doesn’t include the field at all. The AWS URL in the sample has a 365 day expiration, which tripped me up a little when wondering what was going on…
Apologies for missing your response to this old thread, and thank you for sharing your experience – I agree, our documentation could be much better here; I’ll take it as an action point to our team to get S3 link expiration time updated across our API docs.