Is there any way to change the API access token expiry time?

Is there any way to change the API access token expiry time? If so, is there any way to set it so it doesn’t expire?

Thanks!

There are security implications for doing that - because if that token were to leak you are granting long term access to the API with that token.

It is common for clients to cache the token and simply request a new one when it expires - in the case of client_credentials a new one is requested with the clientId/secret and in the case of access_code a new one is requested using the refresh_token provided with the prior access_token.

If you are using client_credentials and didn’t have a way to cache the token, you could request a new one with each request you wanted to make to the API. There isn’t any massive overhead in doing that - but caching it would be better.

1 Like

Thanks Dan! That’ll work.

1 Like