Type
Improvement
Status
Open
Reported By
Charly Bernard
Component
API
Votes
Created
6/Nov/13 10:01 AM EST
Tracking
Sign in to track this issue
Description
IS there a way to have a permanent access token ? Every 3 days I've to renew it and I guess that the renew date written below my access token is false. Thank you for your support and your amazing API
Comments
1. Erik Berg 7/Nov/2013 at 3:32 AM EST
The access token lasts for exactly seven days. You can sign in at any time and generate a new access token that lasts seven days from the moment you click "Renew Access Token". It was implemented this way to discourage iOS and Android developers from distributing their access token inside their apps and to limit the exposure from javascript-only websites where the access token is pasted in the public source code. This API attracts some developers who are just starting out and may be unaware that their actions can have a negative impact on the stability of the servers. That said, I do understand it is an inconvenience to change the access token each week and adding options for longer lasting tokens is on the TODO list.
2. Matt Vague 24/Aug/2015 at 5:07 PM EDT
Hey Erik, any progress on permanent access tokens?
3. Erik Berg 24/Aug/2015 at 6:02 PM EDT
No changes at this time. The token expiration is one month, which is more reasonable than one week. Earlier comment still applies about new developers, plus I think others will only take the security of the access token seriously if they were being charged for it. For example, when I find someone's access token posted in public github repos.
4. Ian Feather 29/Aug/2018 at 4:33 PM EDT
Hey Erik, is there any chance that you would consider adding an endpoint to programmatically renew a token?