OAuth2 and Google API: Access token expiration time?
original source : http://stackoverflow.com/questions/13851157/oauth2-and-google-api-access-token-expiration-time
You shouldn’t design your application based on specific lifetimes of access tokens. Just assume they are (very) short lived.
However, after a successful completion of the OAuth2 installed application flow, you will get back a refresh token. This refresh token never expires, and you can use it to exchange it for an access token as needed. Save the refresh tokens, and use them to get access tokens on-demand (which should then immediately be used to get access to user data).
EDIT: My comments above notwithstanding, there are two easy ways to get the access token expiration time:
- It is a parameter in the response (
expires_in)when you exchange your refresh token (using /o/oauth2/token endpoint). More details.
- There is also an API that returns the remaining lifetime of the access_token:
This will return a json array that will contain an
expires_in parameter, which is the number of seconds left in the lifetime of the token.