Token Validity
Grant Token (Authorization code)
- Grant token is a one-time use token and valid for two minutes, by default. If you want to extend the expiry time, choose the required time from the drop-down while generating the token from the developer console (applicable only to self-clients).
- You can generate a maximum of 10 grant tokens in a span of 10 minutes per client ID.
Access Token
- Each access token is valid for one hour.
- You can generate a maximum of 10 access tokens in a span of 10 minutes.
- When you generate the 11th access token, the first created access token will be deleted.
Refresh Token
- Refresh tokens do not expire until a user revokes them.
- You can generate a maximum of 10 access tokens from a refresh token in a span of 10 minutes.
- You can generate a maximum of 20 refresh tokens in a span of 10 minutes per client ID.
- When you generate the 21st refresh token, the first created refresh token gets deleted.