Access token expiration after refreshing

I would like to know how much time an api access token is valid after making a call to refresh it. If I request another api access token the previous one becomes invalid immediately?

Thanks for your help.

Access Token last for 24 hours. Refresh Token last for 6 months, I believe.

The moment you refresh the tokens, you will get a new Access and Refresh Token.

Thanks for your answer Pav.
I need exactly to know if when you refresh the access token the previous become invalidated immediately, does it happen?

Yes, but there maybe a small time frame where the old one may still be available. It could be a minute, but I cannot confirm that if it is true now-a-days.

Due to the design of this, you will have to set up an automated script that runs every say 20 hours (as a precaution) to automatically refresh the tokens. Unless you have got your script to doing it another way.

I have running a windows service that depends on that token, if it becomes immediately invalidated, then I need to stop my services in order to wait for the new tokens. That is why I need to know the exact time when an access token become invalidated after refreshing. Who can confirm me the time you gave me?

@TomScott would be able to confirm it.

Pav has the correct timings, but don’t depend on that. Each Token has an expiration on it, which you should store alongside the token to determine when to refresh it. That way, if a provider changes the expiration rates, your code doesn’t break.

Thank you Tom.
Yes, I can see the expiration time for access token is 24 hours and refresh token 90 days. I am aware of those times. I can solve the refreshing by requesting new tokens before 24 hours happen.
The most important point is the small time frame where the old token is still valid since 1 minute is sufficient to change the tokens in my code while other requests to your api are being made.

Brian, you’re missing the fact that you get a new one. You just have to replace the old with the new, which most do via a db table.

Hey John, thanks for the answer. I am considering that.
The critical point for me is the time when the old access token becomes invalidated after refreshing. I am following the answer of Tom and Pav, and think about a solution considering that time frame.

Watch the video. I go over managing that. Basically, run the scheduled service once an hour and if a token is 4 hours or less from expiration, then refresh it. If it fails then you have 2-3 other opportunities for it to work. When it succeeds you just update the db with the new. Then all you will need from there on in is to have an endpoint to retrieve the currently active token.