Generating separate client ID / client Secret key pairs for each client of my API (potentially, thousands)

preslavrachev · May 12, 2020, 4:53pm

I am working on my own service, which is intended to provide API access to an indefinite number of 3rd party clients (customers). For this to work, I would need to be able to issue a new pair of client ID / client Secret for each, as, if understand it correctly, the access tokens are short-lived and would require frequent re-authentication. For my use case, the key pair must remain valid at all times, unless explicitly revoked. Otherwise, it wouldn’t make any sense for my customers to integrate my API into their applications.

Is this something that Auth0 provides?

James.Morrison · May 15, 2020, 5:17pm

Hi there @preslavrachev and welcome to the Auth0 Community!

Access tokens for your API can have a lifetime of up to 30 days . When you leverage refresh tokens you can essentially have never ending access. This should help get you setup Please let us know if you have any questions!

system · May 30, 2020, 5:17pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can I use a refresh token as a user API Token? Help	9	3552	March 23, 2020
Third party access to API Help apis , application	2	980	August 22, 2023
Access token expiration >30 days Help api-keys , token-expiration	2	3145	February 8, 2021
Simple API keys Help	4	3034	October 18, 2019
Unlimited refresh token from SPA Help	3	3183	January 13, 2022

Generating separate client ID / client Secret key pairs for each client of my API (potentially, thousands)

Related topics