Token Validity
Grant Token (Authorization code)
Grant token is a one-time use token and valid for three minutes, by default. If you want to extend the expiry time, choose the required time from the drop-down while generating the token from the developer console (applicable only to self-clients).
You can generate a maximum of 10 grant tokens in a span of 10 minutes per client ID.
Access Token
Each access token is valid for one hour.
You can generate a maximum of 10 access tokens in a span of 10 minutes.
When you generate the 11th access token, the first created access token will be deleted.
Refresh Token
Refresh tokens do not expire until a user revokes them.
You can generate a maximum of 10 access tokens from a refresh token in a span of 10 minutes.
You can generate a maximum of 20 refresh tokens in a span of 10 minutes per client ID.
When you generate the 21st refresh token, the first created refresh token gets deleted.