Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Groups
Explore all groups
Community resources

When do JIRA oAuth tokens expire?

Kevin Dixon
Kevin Dixon Jan 17, 2016

I've managed to create an Application link for my server-side application, and run through the oAuth dance and get access tokens. This all works fine, and I can use the tokens using the REST API.

However, I've read elsewhere that the tokens have a limited lifetime (e.g. https://answers.atlassian.com/questions/332492) that can be seen in http://<JIRA_URL>/plugins/servlet/oauth/users/access-tokens. However, with my Cloud installation of JIRA, there is no expiry listed on this page - just the date the name of the app, date granted, 'Read and Write access' and a button to revoke.

How can I tell what the token lifetime is?

Answer
Watch
Like 1 person likes this

6 answers

0 votes
Yousef Hammouda
Yousef Hammouda Jun 16, 2016

Hi, i just finished the OAuth tutorial two, and i have the same question!! Even with a standalone server, there is no expiry date mentioned when consulting the token access for a user. Any help? @Kevin Dixon, did you get to solve this? (JIRA servre 7.0.10)

Reply
0 votes
Kevin Dixon
Kevin Dixon Jun 20, 2016

@Yousef Hammouda - no, I didn't find a solution to this yet.

Reply
0 votes
Suket Sharma
Suket Sharma Jun 30, 2016

Did you guys get an update to this? If there is no expiry listed there, does that mean it is lifetime?

Reply
0 votes
Swastik Roy
Swastik Roy Sep 20, 2016

"You can revoke this access token at any time from your JIRA user account, otherwise, all access tokens expire after seven days."

This is from the documentation.
https://confluence.atlassian.com/jiracoreserver071/allowing-oauth-access-802172493.html

Let me know , if you guys have any useful information. 

Reply
0 votes
Suket Sharma
Suket Sharma Sep 27, 2016

They're lifetime tokens. The documentation you've linked to is slightly outdated I believe ( it contains screenshots from 7 years ago). There are no expiry dates associated with access tokens which you can confirm by viewing access tokens from your JIRA console. 

Reply
0 votes
timotei
timotei Mar 14, 2018

The tokens expire as specified in the "oauth_expires_in" parameter when you get the access token. For example, on a default configured JIRA instance on Atlassian's server is 157680000 (which is 5 years)

Reply

Suggest an answer

Log in or Sign up to answer
Community showcase
John Allspaw
John Allspaw
Asked Thursday in Jira Ops

I'm John Allspaw, Ask Me Anything about incident analysis and postmortems

I'm John Allspaw, co-founder of   Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...

5,340 views 21 17
View question

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you