Hi, I got this email from TD Ameritrade. Is there a way to avoid the issue they are reporting ?
_**"We actively monitor our different API endpoints to ensure we can continue to provide a stable environment for our applications. We see that your application has generated over 325 tokens in the last 24 hours. Please troubleshoot your code as soon as possible and reply all once you have corrected the code. Generally speaking for authentication, an access token should be generated once every 30 min using an existing valid refresh tokens in the request. There are two types of tokens: a refresh token and an access token. A refresh token is valid for 90 days. They are used to create new refresh and access tokens in the future. Access tokens are valid for 30 minutes. These access tokens are used to authenticate into the different APIs. As long as you have a valid refresh token, use the following parameters with the Post Access Token API to create only an access token:
The above requests can be done without ever interacting with the login screen after the initial sign-on screen and should not be excessively done on a short time period. If this is not corrected, we will need to apply a restriction for your application’s ability to access our API. Please take a look at your application to correct this issue and let us know if you have any further questions."**_
Hi, I got this email from TD Ameritrade. Is there a way to avoid the issue they are reporting ?
_**"We actively monitor our different API endpoints to ensure we can continue to provide a stable environment for our applications. We see that your application has generated over 325 tokens in the last 24 hours. Please troubleshoot your code as soon as possible and reply all once you have corrected the code. Generally speaking for authentication, an access token should be generated once every 30 min using an existing valid refresh tokens in the request. There are two types of tokens: a refresh token and an access token. A refresh token is valid for 90 days. They are used to create new refresh and access tokens in the future. Access tokens are valid for 30 minutes. These access tokens are used to authenticate into the different APIs. As long as you have a valid refresh token, use the following parameters with the Post Access Token API to create only an access token:
grant_type: refresh_token refresh_token:
client_id:
As your refresh token is about to expire (e.g. the 89th day), use the following parameters to create a new refresh token:
grant_type: refresh_token refresh_token:
access_type: offline
client_id:
The above requests can be done without ever interacting with the login screen after the initial sign-on screen and should not be excessively done on a short time period. If this is not corrected, we will need to apply a restriction for your application’s ability to access our API. Please take a look at your application to correct this issue and let us know if you have any further questions."**_