Public
Occasional Contributor

Is refresh_token for lifetime?

am changing and updating my access_token based on validAuth, but never updated refresh_token. Am i right, resfresh token for life time except if we want to to refresh forcefully.

3 Replies 3
Honored Contributor

@nrajesh - Yes, you are right ..refresh token is used to update the access token. We need hit a separate call to update the refresh token. 

Give kudos if you find my posts helpful or mark solution if it answers your query.
Tariq
Occasional Contributor

whenever we refresh the accessToken, the response having accessToken and refreshToken also. but i have stored accessToken only in my DB for further actions, not refresToken. Confirm we dont need to store refresToken ? whatever we got at initial stage that is for lifetime correct.

@nrajesh - Yes, you do not need to store the refresh token, if you already have it. It will not be expired until it is blacklisted or refreshed using rest API call. 

 

Here is an article for refresh token which will give you more info regarding the refresh token. 

 

 

Give kudos if you find my posts helpful or mark solution if it answers your query.
Tariq

Welcome to the Technology board!

Curious about our platform? Looking to connect on social technology? You've come to the right place!

Are you a Khoros customer? For direct assistance from our Support team, please visit the Support Forum.