Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Does the refresh token obtained through the OAuth 2.0 for Apps REST API expire?

Marco Roman
Marco Roman June 26, 2020

I'm following the OAuth 2.0 developer guide and I retrieved bearer tokens as described in section 2. Exchange authorization code for access token. I included the offline_access scope in the original authorization request to get a refresh token in the following response:

{
 "access_token":"{access_token_value}",
 "refresh_token":"{refresh_token_value}",
 "scope":"read:jira-work offline_access",
 "token_type":"Bearer",
 "expires_in":3600
}

Just out of curiosity, does that "expires_in" value apply to both the access and refresh tokens? If not, when do refresh tokens expire?

Answer
Watch
Like Be the first to like this
906 views

1 answer

1 accepted

0 votes
Answer accepted
DPKJ
DPKJ
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 26, 2020

@Marco RomanAtlassian have followed standard RFC guidelines, and Refresh Token doesn't not expire as per these guidelines.

Here is a link to an answer submitted Atlassian Team member - https://community.atlassian.com/t5/Answers-Developer-Questions/Does-the-oauth-2-refresh-token-expire/qaq-p/574230

View More Comments
Marco Roman
Marco Roman June 29, 2020

Thank you for the rapid response! All clear now.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events