How long do authentication tokens last for API calls?
What about the tokens used for authentication for API calls? I know those don’t last an hour.
When you authenticate to Nextworld’s auth servers, individual access tokens per Nextworld help last 8 minutes. The refresh token that you get on the first auth call and can use subsequently to get additional access tokens lasts per the above guidance which is the same for the UI or API.
What is the advantage of using the refresh token to a new access token versus just making a new token request with the user credential?
In API Integrator flows - I’m not sure there is much of a benefit if the username/password is readily accessible to whatever is making the call.
In UI flows - it saves the user from continually having to supply their username/password every 8 minutes as the refresh token is stored by the NW client and is used for renewing access tokens.
2 Likes