Access Token TTL and Revocation

jenniferlusonycom · November 22, 2016, 6:54pm

Using the authorization code flow, I got twitch access token and refresh token. However, the access token does not have TTL. My question is:

What is the TTL of access token and refresh token?
What API can I use to verify access token?
What API can I use to retrieve a new access token with the refresh token?
How do I revoke token/permission using an API, rather than doing it manually through UI?

Thanks!

Jennifer

Larklen · November 22, 2016, 6:59pm

If I recall correctly, there is no TTL for the tokens (I am still using mine which are ~one year)

As for revoking permission - I don’t believe there is a way to do it via the API, the user would have to go into their Connections page and disconnect from there.

jenniferlusonycom · November 22, 2016, 9:57pm

Thanks, @Larklen, that is what I read so far online. No TTL for access token and seems to be active until manually revoke it from UI. And no API to revoke token. Not standard OAuth implementation though.

BarryCarlyon · November 23, 2016, 8:48am

You can verify a token (and the scopes it has) by calling the root end point of /kraken/

system · January 17, 2017, 11:13am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.