Will there be changes to access token expiration policy?


Currently the FAQ states:

“How long does an access token last?
We do not currently expire access tokens. …”

Will this rule remain in Twitter API 1.1? This is an important implication for the application I’m developing for now.


I think there don’t have expire period if you use Oauth 1.0.
In my case i use Oauth 1.0 and face some problem that access token is shot lived.
result of my website analysis was problem of session of my website.
If some user login to my website and logout, its expired(only web session,but access token not)
so i changed my session config from ‘session.gc_maxlifetime=1440’ to ‘session.gc_maxlifetime=606024*30’ therefore i am realized that access token don’t have expire time. So if you want to expire access tokens i recommend use your session and DB

step1. User accept using your application
step2. Store token information to DB or FILE or Cookie about each user
step3. If user closed explorer, you can delete session on your website but keep Stored information on your DB
step3. User open explorer, you can set session from your DB or COOKIE information