Solved: Re: OAuth2 token length?

gravitas · ‎03-17-2016

Can I make assumptions about the length of the access and refresh tokens?

JeremiahFitbit · ‎11-14-2016

Your app should accomodate 1,024 bytes per token.

See https://community.fitbit.com/t5/Web-API/OAuth-2-0-access-and-refresh-token-size/m-p/1648577/thread-i...

View best answer in original post

gravitas1 · ‎03-18-2016

Also, is there an upper bound for the length of each type of token?

m4olivei · ‎11-12-2016

I'd also like to know

AndrewFitbit · ‎11-12-2016

@m4olivei You can select the lifetime of the access token.

Authorization Code Grant Flow: 1 hour or 8 hours (defaults to 8 hours)

Implicit Grant Flow: 1 day / 1 week / 30 day / 1 year (defaults to 1 day)

Refresh tokens do not expire until they've been used, or if the user goes through the authorization process again.

Andrew | Community Moderator, Fitbit

What motivates you?

m4olivei · ‎11-14-2016

Thanks, but we're asking about the character length of the token. Is there a defined length of token, or can it vary. Is it different for the access_token and refresh_token?

JeremiahFitbit · ‎11-14-2016

Your app should accomodate 1,024 bytes per token.

See https://community.fitbit.com/t5/Web-API/OAuth-2-0-access-and-refresh-token-size/m-p/1648577/thread-i...

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

OAuth2 token length?

gravitas

JeremiahFitbit

gravitas1

m4olivei

AndrewFitbit

m4olivei

JeremiahFitbit