Note: This article is relevant to merchants integrating with Zepto in Australia.
Access token: 2 hours
Refresh token: No expiry period
When using the authorisation code grant, Zepto will return a refresh token along with the access token. Access tokens are short-lived and last 2 hours but refresh tokens do not expire.
When the access token expires, instead of sending the user back through the authorisation flow you can use the refresh token to retrieve a new access token with the same permissions as the old one.
It's important to note that the
refresh_token gets regenerated and sent alongside the new
access_token . In other words,
refresh_tokens are single-use so you'll want to store the newly generated
refresh_token every time you use it to get a new
Feel free to reach out if you have further questions by emailing us directly at email@example.com or clicking on the green bubble icon from the corner of the screen.