Issuing a refresh token

By default, authorized applications do not issue refresh tokens.

If the application does not request refresh tokens, keep the slider off to disable issue refresh tokens.

If your application does use refresh tokens, the refresh token expires according to the limit entered in the Grant Lifetime setting. If a call for a refresh token is made, the existing token expires based on this setting, and the new token is extended to expire based on the Grant Lifetime. The default value for Grant Lifetime is 30 days.

If Issue Refresh Tokens is disabled, Refresh Token Grant Lifetime is also disabled.

If Issue Refresh Tokens is enabled, specify the desired length of time and specify whether the value is in hours or days. This sets the expiration time of the refresh token, making it invalid to use. Refresh tokens for this authorized application are removed after this time expires.

By default, refresh tokens are rolled over after the grant life expires. If your application does not require the refresh token rollover to happen and requires the refresh token to remain alive indefinitely, toggle the Roll Refresh Tokens setting off.