We are integrating the FreeAgent API for invoice generation and are planning a simple integration. We came across a question regarding the refresh token behaviour, does the API refresh token expire, and if so, what is its expiry duration? We reviewed the documentation but couldn’t find this information.
Hi there - thanks for your question!
I can see how the refresh token behaviour isn’t obvious. If you look at our [OAuth process documentation]( FreeAgent Developer Dashboard ) you’ll see we provide an example response that includes a refresh_token_expires_in key with a value in seconds.
You cannot take the value in the documentation as always true; we may update this in future, but you’ll always get the current value from the token endpoint.
One other thing to say here is that we reserve the right to revoke refresh tokens. Typically we’d expect to do this for security reasons: for example if a customer contacts us to let us know they’ve had a phone lost or stolen. But to get a new refresh token, you can go through the token exchange process again.
I hope that’s clear, and thanks for the feedback on the documentation!