OAuth Token Duration

The Authorization URL uses the duration=permanent query parameter to specify how long a user can interact with your app (once they’ve granted access).

To request short-lived access to your app or sign a user in, do not include this parameter in the Authorization URL.

Note: Bearer tokens expire after 30 minutes. When duration is omitted from the Authorization URL, you will not receive a Refresh Token when you exchange your authorization code for a bearer token.

To request user data indefinitely (for more involved integrations), include the duration=permanent parameter in your Authorization URL. You will only need to pass this parameter once to link your app with a user’s WAX Account. A user can revoke this access at any time from their WAX Account settings.

Important: Only use permanent duration for a one-time "Link your Account with WAX" request. Do not send duration=permanent for signing in existing users.

What's Next