Expiring of OAuth2 token

Rain · January 23, 2021, 12:55pm

Hello.
An API https://id.twitch.tv/oauth2/token?client_id={0}&client_secret={1}&grant_type=client_credentials returning

{
    "access_token": "top secret string",
    "expires_in": 5015207,
    "token_type": "bearer"
}

what does “5015207” mean? Is this milliseconds or something else?

Dist · January 23, 2021, 12:59pm

The expiry is in seconds. So for Implicit OAuth tokens and App tokens the expiration is about 60 days (+/- a few days). For tokens from the Auth Code flow their expiration is about 4 hours, but can be refreshed so is not an issue.

From the docs

Rain · January 23, 2021, 1:17pm

what is the implicit token?

Dist · January 23, 2021, 1:20pm

Implicit tokens are User tokens that you get through the Implicit auth flow

Rain · January 23, 2021, 1:41pm

does this mean that I can get a token once and use it until it is expired?

Dist · January 23, 2021, 1:45pm

Yes, you can use a token until it expires or is made invalid (such as the token being revoked, or the user disconnecting from your app if it’s a user token).

Rain · January 23, 2021, 2:57pm

what error code is returning when the token is made expired or invalid?

Dist · January 23, 2021, 3:17pm

You’ll get a 401 status code if you use an invalid OAuth token.

system · February 22, 2021, 3:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.