I'm adding OAuth support to my application, and I'm finding:
access_token: expiration of 8 hours
refresh_token: expiration of 8 hours
But, according to the documentation:
access_token: expiration of 10 minutes
refresh_token: expiration of 1 year
Is this a bug in the documentation? Or is this an intentional design change? Or is the token simply falsely advertising the expiration length of the refresh token?
My biggest issue is the short lifespan of the refresh token.
Thanks,
Troy
09-07-2018 08:29 AM
Hi @TroyW
Thanks for your post .
Can you reach out to me on developer_feedback@authorize.net with your clientID so we can look into it further ?
Thanks
Anurag
09-07-2018 10:49 AM