The authorize step is your login, you only need to do that once and use the access token you’ve gotten for each api request, when the access token is expired you can refresh it, no need to login again. I believe with the new global oauth provider it is problematic to use the self maintaining mode since you can’t have a database query before the global provider and I noticed that it wasn’t possible to create the oauth provider locally in an action. Some providers (seems salesforce is one of them) give an error when you try to authorize (login) while you are already authorized with them (logged in).