We’re excited to announce that we have improve the refresh token expiration in order to make sure our clients always get a valid refresh token on their end.
- Announcement Date: 03/16/2021
- Release Date: 03/23/2021
Previously, the refresh token used to generate a fresh access token was invalidate as soon as the new pair of access token and refresh token was generated. In the event where the client did not get the response of the refresh call, this behavior might sometimes lead to a situation where the client is no longer able to refresh the access token and therefore loses his OAuth link with the end-user.
In order to get rid of this limitation, we have implemented a new behavior that will keep valid the refresh token used to generate a fresh access token:
- until the fresh access token is used (therefore confirming the correct reception of the new tokens); or,
- for an extra-lifetime of eight (8) hours.
What is the impact in current API integration?
No impact. No change in the integration is required.