Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

When do JIRA oAuth tokens expire?

I've managed to create an Application link for my server-side application, and run through the oAuth dance and get access tokens. This all works fine, and I can use the tokens using the REST API.

However, I've read elsewhere that the tokens have a limited lifetime (e.g. https://answers.atlassian.com/questions/332492) that can be seen in http://<JIRA_URL>/plugins/servlet/oauth/users/access-tokens. However, with my Cloud installation of JIRA, there is no expiry listed on this page - just the date the name of the app, date granted, 'Read and Write access' and a button to revoke.

How can I tell what the token lifetime is?

7 answers

The tokens expire as specified in the "oauth_expires_in" parameter when you get the access token. For example, on a default configured JIRA instance on Atlassian's server is 157680000 (which is 5 years)

Hi, i just finished the OAuth tutorial two, and i have the same question!! Even with a standalone server, there is no expiry date mentioned when consulting the token access for a user. Any help? @Kevin Dixon, did you get to solve this? (JIRA servre 7.0.10)

@Yousef Hammouda - no, I didn't find a solution to this yet.

Did you guys get an update to this? If there is no expiry listed there, does that mean it is lifetime?

"You can revoke this access token at any time from your JIRA user account, otherwise, all access tokens expire after seven days."

This is from the documentation.
https://confluence.atlassian.com/jiracoreserver071/allowing-oauth-access-802172493.html

Let me know , if you guys have any useful information. 

They're lifetime tokens. The documentation you've linked to is slightly outdated I believe ( it contains screenshots from 7 years ago). There are no expiry dates associated with access tokens which you can confirm by viewing access tokens from your JIRA console. 

Using Atlassian Access, they are configurable.  

1. After you log into Atlassian Access, from the top set of tabs, select security 

2. from the left hand panel click on session duration

3. In the middle of the screen is a drop down that will allow you to select the length of time that you would like your session token to last for.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Marketplace Apps & Integrations

Bitbucket Smart Commits vs. Genius Commits - What's the difference?

If you already heard about Smart Commits in Bitbucket, know that you just stumbled upon something even better (and smarter!): Genius Commits by Better DevOps Automation for Jira Data Center (+ Server...

130 views 0 2
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you