Definition of "expires_in" Field in the Response of "POST /oauth/token" Endpoint

rueben.tiow · July 20, 2023, 11:14pm

Overview

This article clarifies which token’s lifetime is represented by the expires_in field in the response from the POST /oauth/token endpoint, which can include an access token, an ID token, and a refresh token.

Applies To

Tokens
Management API
“POST /oauth/token” Endpoint
“expires_in” Field

Solution

The token_type and expires_in fields, present in the response of the POST /oauth/token endpoint, are defined in the OAuth 2.0 specification (RFC 6749) section 5.1.
According to this specification, the expires_in field indicates the lifetime of the access token.

Topic		Replies	Views
Expires_in value is always 86400 SOLVED Get Help jwt , auth0 , expiration	3	16413	February 9, 2020
How to check access_token is expired? Get Help	4	10615	February 25, 2022
Control expires_in value for SPA Get Help auth0 , spa , login	7	2938	July 30, 2021
/oauth/token not returning id_token Get Help token , id_token	3	12793	March 2, 2018
Need help changing token expiration time in Authentication API response Get Help sessions , authentication-sessions	10	4376	May 16, 2023

Definition of "expires_in" Field in the Response of "POST /oauth/token" Endpoint

Overview

Applies To

Solution

Related topics