Change the OAuth access token lifetime
Creatio lets you authorize via OAuth 2.0 using the following authorization types:
- client credentials grant (server-to-server)
- authorization code grant (on behalf of a user)
Learn more: OAuth 2.0 authorization types overview (user documentation).
External apps and web services you integrate with Creatio using client credentials grant receive OAuth access token. An OAuth access token is an auto-generated token that lets you access Creatio API using client credentials grant.
Each OAuth access token used by client credentials grant has a finite lifetime, 3600 seconds out of the box. The AccessTokenLifetime
column in the Clients
database table stores the value of the token lifetime.
To avoid integration issues and minimize security risks, we recommend using OAuth access token lifetime no longer than a few hours.
To change the access token lifetime for Creatio in the cloud, contact Creatio support.
To change the access token lifetime for Creatio on-site:
-
Retrieve the value of the access token lifetime. To do this, execute the following SQL query.
SQL queryselect
"ClientId",
"AccessTokenLifetime"
from "Clients" -
Set a new lifetime of the access token. To do this, execute the following SQL query.
SQL queryupdate "Clients"
set "AccessTokenLifetime" = New_Token_Lifetime
where "ClientId" = Some_Client_Id
As a result, lifetime of the OAuth access token for Creatio on-site will be changed.
See also
Set up client credentials grant (user documentation)
Authorize external requests using client credentials grant