Difference between Refresh token and Access token used in OAuth2.0

Snow user2
Kilo Contributor

Can anyone tell me the basic difference between a refresh token and an access token?

1 ACCEPTED SOLUTION

Sulabh Garg
Mega Sage

Hello,

Please see the below docs link:

https://docs.servicenow.com/bundle/paris-platform-administration/page/administer/security/concept/c_...

Access Token: A secure string that a client uses to access protected resources. An instance issues access tokens to clients that have a valid authorization grant. Each access token has a specific scope, lifespan, and other attributes.

By default, an instance issues access tokens with a 30-minute lifespan in the scenario where the instance is the OAuth provider. For third-party tokens, 30 days.

Refresh Token: A credential that a client uses to obtain new access tokens without requiring additional user authorization. An instance issues a refresh token to a client when it is first authorized to have an access token.

By default, an instance issues refresh tokens with a 100-day lifespan in the scenario where the instance is the OAuth provider. For third-party tokens, 365 days.

Please Mark ✅ Correct/helpful, if applicable, Thanks!!
Regards
Sulabh Garg

2 REPLIES

Paritosh
Giga Expert

hi,

Refresh tokens are the credentials that can be used to acquire new access tokens.

  • The lifetime of a refresh token is much longer compared to the lifetime of an access token.

  • Refresh tokens can also expire but are quite long-lived.

  • When current access tokens expire or become invalid, the authorization server provides refresh tokens to the client to obtain a new access token.

An access token is a string that identifies a user, an application, or a page. The token includes information such as when the token will expire and which app created that token.

  • First, it is necessary to acquire OAuth 2.0 client credentials from the API console.

  • Then, the access token is requested from the authorization server by the client.

  • It gets an access token from the response and sends the token to the API that you wish to access.

Please mark this helpful/correct.

Thanks
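
Added example (not part of the original thread and not ServiceNow code): the token lifecycle described in the answers above, modelled in memory with the default lifespans quoted for an instance acting as the OAuth provider. `TokenEndpoint`, `run_timeline` and the method names are hypothetical; a real client would send these requests to the provider's token endpoint over HTTPS.

```python
import secrets

ACCESS_TTL = 30 * 60            # 30 minutes, the access token default quoted above
REFRESH_TTL = 100 * 24 * 3600   # 100 days, the refresh token default quoted above

class TokenEndpoint:
    """In-memory stand-in for an OAuth provider (constructed for illustration)."""
    def __init__(self, clock):
        self.clock = clock
        self.access = {}    # access token -> expiry time (seconds)
        self.refresh = {}   # refresh token -> expiry time (seconds)

    def _new_access(self):
        tok = secrets.token_urlsafe(32)
        self.access[tok] = self.clock() + ACCESS_TTL
        return {"access_token": tok, "expires_in": ACCESS_TTL}

    def authorize(self):
        """First authorization: issue an access token plus a refresh token."""
        resp = self._new_access()
        rt = secrets.token_urlsafe(32)
        self.refresh[rt] = self.clock() + REFRESH_TTL
        return {**resp, "refresh_token": rt}

    def refresh_grant(self, refresh_token):
        """grant_type=refresh_token: new access token without user interaction."""
        if self.refresh.get(refresh_token, 0) <= self.clock():
            return {"error": "invalid_grant"}   # expired or unknown refresh token
        return self._new_access()

    def api_call(self, access_token):
        """Protected resource: accept only unexpired access tokens."""
        return self.access.get(access_token, 0) > self.clock()

def run_timeline():
    now = [0]                                          # simulated clock, in seconds
    server = TokenEndpoint(lambda: now[0])
    grant = server.authorize()
    results = {"fresh": server.api_call(grant["access_token"])}
    now[0] += 31 * 60                                  # 31 minutes later
    results["after_31_min"] = server.api_call(grant["access_token"])
    renewed = server.refresh_grant(grant["refresh_token"])
    results["after_refresh"] = server.api_call(renewed["access_token"])
    now[0] += 101 * 24 * 3600                          # 101 days later
    results["refresh_after_101_days"] = server.refresh_grant(grant["refresh_token"])
    return results

if __name__ == "__main__":
    print(run_timeline())
```

The last step shows why the refresh token is the credential to protect most carefully: it stays valid long after any single access token has expired, and once it expires the client must go through user authorization again.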