danschultzer
commented
4 years ago This is how OAuth 2.0 is required to work. Authorization code MUST expire.
If the access token is expired you can use a refresh token to generate a new access token. You can enable refresh token by setting use_refresh_token: true in the config. It follows the RFC specs: https://tools.ietf.org/html/rfc6749#section-6
You can also remove expiration on access tokens by setting access_token_expires_in: nil in the config.
Hello.
I have a doubt about the authorization code work.
Why it keep expiring? Is there a way to don't need to generate it again and again?
Because sometimes the access token expires and instead just make a request to generate a new access token, I need to generate authorize my application again, get the code and then generate the new access token.