Authentication limitations
A maximum of 50 refresh tokens are allowed per combination if client_id and user_id. When this limit is exceeded, older refresh tokens are automatically deleted.
To be able to use our API, you will need an access_token that is generated most of the times via a refresh_token. An access_token has usually a life-time of 1 hour, but a refresh_token has a bigger life time, by default from 4 weeks to 3 years.
| Token type | Maximum tokens |
|---|---|
|
|
|
|
Important: Please make sure to store refresh_token in redis or some similar caching provider, and ALWAYS in a secure storage.
Last updated