Level up your Box knowledge with brand new learning paths on Box University. Visit training.box.com to get started

Activating refresh token expired after 2 months

New post

Comments

2 comments

  • rocks

    Hi ,

     

    I can confirm that Refresh Tokens should be valid for 60 days.

     

    Refresh Tokens are used to get a new "access and refresh token pair". Successful refresh happens when you make a refresh call, get a new Access and a new Refresh token, and use the access token at least once. Once you use the new access token once, the previous Refresh Token used will become invalidated.

     

    Refresh Tokens are part of the OAuth2.0 authentication type

    https://developer.box.com/reference#oauth-2-overview

     

    For your particular use case (daily upload of content to Box) you might want to consider leveraging our 'Service Account" feature which is based off "OAuth 2 with JSON Web Tokens" (this is a certificate-based authentication model which does not rely on regular access token refresh)

     

     

     

    0
    Comment actions Permalink
  • qnapadam

    Hi ,

     

    Thanks, so the only limitation is that old refresh token will become invalid once I use the new access token? Grant tokens in several clients is OK? I get this question because I have around 15 clients in different machine with the same app to sync data and only one of them met refresh issue.

    0
    Comment actions Permalink

Please sign in to leave a comment.