Device API Client Token with no expiry?

With regards the device API.
Is there any way to create a client token that has no expiry? Currently it is set to 48hrs

The token should have an expiry. May I know the reason for using a client token that has no expiry?

If the API is implemented as per oauth2 standard the access token is short lived for security purposes.

You would use a refresh token to refresh an expired access token. (Which is a POST request to token endpoint using refresh_token grant type).

Refresh tokens typically are long lived. I think Peplink sets it at 30 days.

1 Like