Description
As per the documentation, I see that refresh token is valid for 15 years.
I would like to know if there are any other ways in which refresh token can be expired?
If user resets the password, will refresh token get expire? And will user need to re-auth the app again?
If user does similar activities like above (more than just changing the settings) will refresh token get expire?
If I make sure that, I am always using the latest refresh token to get new access token, will this API always work irrespective of user activities mentioned in point 1 and 2?
Thanks for reaching out about this. First, I should note that while it’s valid for 15 years, the refresh token is one-time use for the associated access_token (both refresh token and access_token are returned at the same time when you call our /oauth endpoint).
User activities described in your post will not affect the refresh token, and you’re correct in that you should always be using the latest refresh token to retrieve an update access_token and refresh_token pair.
