Discussions (4481)

(When) does the OAuth access token expire?

view profile

DrBolle says:


I develop a little desktop application that makes use of the Flickr API.
Therefore I studied the authorization mechanism via OAuth. So far I have successfully received a request token, asked the user in a dialog to open the authorisation URL in his favourite browser and to enter the verification code he got from there into my apps dialog. I could also get the final access token from request token and verification code. Calls to the API with this access token work fine.
So far so good. Now I wonder if I can store the access token permanently in some key store to avoid the hassle for the user to manually login via the browser every time he runs the desktop application. Does the access token expire after my desktop app ended? Or will it still be valid when the application is started a few days later?

1:30PM, 28 January 2012 PDT (permalink)

view photostream

Sam Judson is a group administrator Sam Judson says:

OAuth 1.0 token's do not expire automatically. The user can revoke them, so if you are worried you can call the flickr.auth.oauth.checkToken method to make sure the token is still valid.
94 months ago (permalink)

Would you like to comment?

Sign up for a free account, or sign in (if you're already a member).