Question

authorization code Expire time

  • 5 June 2017

I am getting code and state, but there is no expires_in time.

Response :

code:U0pDMTFQMDFQQVM...... state:RINGCENTRAL

Can you help me with how to get expires_in, and what is the lifetime of the authorization code?


3 replies

Authorization code TTL is now 5 minutes by default. OAuth spec (RFC 6749) does not define any attribute to pass expires_in for authorization code. We will consider implementing it as an extension.
I think you are talking about authorization code flow. As far as I can tell, authorization code expires very quickly. You should exchange it for access_token as soon as you can. 

"The authorization code must expire shortly after it is issued. The OAuth 2.0 spec recommends a maximum lifetime of 10 minutes, but in practice, most services set the expiration much shorter, around 30-60 seconds."

Ref: https://www.oauth.com/oauth2-servers/authorization/the-authorization-response/


As authorization codes are short-lived and single-use, they are implemented as self-encoded and are used as quickly as one can.

They also cannot be stored in a DB, nor is it encouraged to do that.
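Since the redirect carries only `code` and `state` and no `expires_in`, a client has to timestamp the code itself and exchange it immediately. The sketch below is an added example, not code from the forum or from RingCentral: the function names, the callback URL and the sample values are constructed, and the 300-second limit is the 5-minute default quoted in the first reply.

```python
import hmac
import time
from urllib.parse import urlsplit, parse_qs

CODE_TTL_SECONDS = 300  # assumption: 5-minute default from the reply; never sent in the redirect
SAMPLE_REDIRECT = "https://app.example/callback?code=CONSTRUCTED_CODE&state=RINGCENTRAL"  # constructed


class CallbackError(Exception):
    pass


def parse_callback(redirect_url, expected_state, received_at=None):
    """Validate state, extract the code and timestamp it locally."""
    params = parse_qs(urlsplit(redirect_url).query)
    if "error" in params:
        raise CallbackError(params["error"][0])
    state = params.get("state", [""])[0]
    # Constant-time compare; state binds the response to the session that started the flow.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise CallbackError("state mismatch")
    code = params.get("code", [""])[0]
    if not code:
        raise CallbackError("no code in response")
    return {"code": code, "received_at": time.time() if received_at is None else received_at}


def token_request_body(grant, redirect_uri, now=None):
    """Build the RFC 6749 section 4.1.3 form body, refusing a code that is already stale.
    The local age is a lower bound (the code was issued before we saw it); the server decides."""
    now = time.time() if now is None else now
    if now - grant["received_at"] >= CODE_TTL_SECONDS:
        raise CallbackError("authorization code too old, restart the flow")
    return {"grant_type": "authorization_code", "code": grant["code"], "redirect_uri": redirect_uri}


def should_restart_flow(token_error):
    """invalid_grant covers an expired, revoked or already-used code (RFC 6749 section 5.2)."""
    return token_error.get("error") == "invalid_grant"


if __name__ == "__main__":
    grant = parse_callback(SAMPLE_REDIRECT, "RINGCENTRAL")
    print(token_request_body(grant, "https://app.example/callback"))
```

The returned dictionary is what gets POSTed, form-encoded and with client authentication, to the token endpoint; on `invalid_grant` the code is discarded and the authorization request is started again rather than retried.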

