Jira Cloud Oauth Expires In

Daniel_Goodfriend September 18, 2019

I am going through the Oauth2.0 process and when I exchange my code for an access token, it responds with my token, my scope, expires_in, and type. 

Expires_In is always returning as 3600, or an hour. 

How do I extend this time?

1 answer

0 votes
Dario B
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 19, 2019

Hi @Daniel_Goodfriend ,

I might not be the best person to answer this question, but I believe the same topic has already been discussed in the below thread in the Developers Community (even if related to Stride development, the answer still applies) in post #8:

 

In there I can read:

There is no way to extend the lifetime of an access token. You’ll have to request a new one every hour (or when you do a request and notice that the old one expired). Some libraries (like the stride-node-client 1) will take care of that for you.

If I had to make an educated guess, I’d say that’s a security feature. If one such token got into the wrong hands, an attacker could read message histories, read out user profiles, etc. With an API token, all they could do is send messages, so there’s no risk of privacy loss, so it’s okay for these to be long-lived.

 

Then, I have also found the below 2 threads:

 

So, in order to summarize:

  1. There is no way to extend the life of an access token, it will always expire after one hour
  2. Once the access token expires you can use the refresh token to generate a new access token (that will expire after one hour)

 

Finally, please notice that this might not be the best place to get help on development  related questions. In case further help will be needed on this topic, you might want to ask the developers community instead, or open a ticket in the developers service desk:

 

I hope this helps.

 

Cheers,
Dario

Suggest an answer

Log in or Sign up to answer