AnsweredAssumed Answered

Refresh Token Expiration

Question asked by ankur_lamba on Mar 15, 2017
Latest reply on Mar 16, 2017 by Mark_HE

Is it a good idea to keep a hard expiration limit, say 30 days, on a refresh token and not issue a new one every time a new access token is requested, such that, when the refresh token has expired, it forces re-authentication?

Outcomes