Cron job Refresh Token

Hello Team,
I have an issue with refresh token… I have set up the cron job on my server to refresh the token everyday. but it is not working on correct time., token will be expired at different time everyday. and my cron job is running at 12:30 CDT. How could we set same time when refresh token is expired then my cron job will work at same time? how could we do that?

We run the cron job every hour. It queries the database for anything that has less than 4 hours remaining in a 24 hour period. If it is approaching expiration it gets a new set of tokens, updates the entry/date/ttl in the database or if it has more than 4 hours then it does nothing.

Thanks for the reply…So we need to run our cron job with in 4 hours to get the refresh token?

I run refresh with 4 hours remaining to account for a failed server call. If there is a failure then there are at least 2 more attempts (every hour). The token is good for 24 hours so at 20 hours I begin attempting refresh.

Alternately, just refresh your Refresh Tokens once a month or so to prevent losing the authorization, and follow this pattern to make calls:

  1. Make call using Access Token.
  2. If call fails, use the Refresh Token to get a new Access Token and retry.

It requires possibly a second round-trip to the auth service the first time that a call is made for a given token in a session, but makes the upkeep of them more resilient.

I have created basic OAuth application which revieals access and refresh token and stored in my db explained here im new to this and have 2 important question:

1- Can i use Access Toke instead of API key in my existing isdk xmlrpc3 apps or i have to update whole apps with new coding?
2- Whats the basic code to get new sets of token via cronjob?


Using an Access Token once you have one is just a modification to the request; you will send an Authorization header with the contents of “Bearer accesstokenthatyouintendtouse” as illustrated in the specification. If you are using an SDK, methods for making the call will be provided and documented in that repository.

John Borelli actually explains the process of refreshing tokens at around the 21:00 mark in that video. We also have documentation around the token refresh endpoint here.


ok that helped me, i tried to get new token and the expiration date time is 1970?

It doesn’t give you an expiration date/time, it gives you a time to live in seconds…don’t convert it to a date. Store the date time it was captured and use that with the time to live value to calculate when it will expire.

1 Like

currently im using methods explained here under ‘PHP iSDK’ with API key from IS application setting, i have to replace API key with access token in my existing apps only, am i correct?

ok its shows 86400, means 1440 minutes = 24 hours, are these fixed, will IS change in future, say e.g changed to 12 hours etc?

Only IS knows that and more than likely they don’t know at the moment. Run a cron job that checks the time left every hour. When you’re down to about 4 hours left, start attempting refresh. This will account for any failures. Short of telling the future, however, 24 hours is the time now and we have no compelling reason to believe it will change.

1 Like

what is [‘endOfLife’]? is this expiration date/time of generated access token or refresh token?

Never hear of ‘endOfLife’…where are you getting that from? The field name returned is ‘expires_in’

this is after initial granting access when IS popup appears to authenticate app to access IS application

ok i figured out, its expiration time of the access token, here is my workflow:

1- i have successfully generated first access and refresh token via manual connection (where IS popup appear)
2-Stored these tokens in DB along date/time of generation and expiration time
3- Added cronjob on server to run every 5 minutes (to test the auto generation of new tokens) and if passed 5 minutes passed from previously stored date/time of token generation, new tokens are successfully generated and stored in DB and so on.
4- Now i will change cronjob to run every hour and if 20 hours of token generation time passed, new tokens will be generated and stored in my DB

Question: My question is that should i fetch access token from DB to replace my API key in existing apps or anything else needed?

Thanks all for replying and helping me!!!

You don’t need to switch from Legacy API Key to OAuth Access Token for every application immediately, but we will eventually end-of-life the Legacy form of authentication, so it would be prudent to at the least ensure that you are using the current method going forward.

1 Like

Uptill now i have successfully generated and stored tokens in my DB, i was trying to test basic PHP code to add contact with duplicate check but not sure how to get success:

require_once 'vendor/autoload.php';
$infusionsoft = new Infusionsoft\Infusionsoft(array(
    'clientId'     => 'xxx',
    'clientSecret' => 'xxx',
    'redirectUri'  => 'xxx',
$accesstoken = 'xxx'; //Rerieved from DB

if (isset($_SESSION['token'])) {
	echo 1;

if ($infusionsoft->getToken()) {
	$_SESSION['token'] = serialize($infusionsoft->getToken());
    $contact = array('FirstName' => 'Test', 'LastName' => 'Test', 'Email' => '');

   $infusionsoft->contacts->addWithDupCheck($contact, 'Email');

    $contact = $infusionsoft->contacts->load($cid, array('Id', 'FirstName', 'LastName', 'Email'));

	echo 2;

else {
    echo 'Token Expired, Get new ones';

Hello pagedesigner

I am not getting new token on specfic time. May be my cronjob time is wrong.
Could you please give the cronjob code that you have created. I am happy if you help me out.

Hi Geek_Tech can you explain how you are storing the tokens and what cron commad you are using it varies from server to server, just ask you hosting provider to provide proper cron command,