Token Expiration

Access tokens have limited lifetimes (the current default is 7200 seconds = 120 minutes).

If your application requires access to an SAP Fieldglass REST API beyond the lifetime of a single access token, it needs to obtain a new token as outlined in Obtaining an Access Token from SAP Fieldglass Server.

If you make an API call using an invalid token, the server returns a "401 Unauthorized" response. A token can be invalid and in need of regeneration for the following reasons:

  • The token has expired.

  • The user has revoked the permission initially granted to your application.

  • You've changed the member permissions (scope) that your application is requesting.

  • A subsequent OAuth 2 flow has generated a new access token, which invalidates the previous token.

A predictable expiry time isn't the only contributing factor to token invalidation. Make sure that your applications are coded to handle a 401 error properly by redirecting the user back to the start of the authorization workflow.
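The handling described above, as an added example that is not SAP Fieldglass code: a client wrapper that renews the token shortly before its predicted expiry, discards it on a 401, retries once with a fresh token, and signals that the authorization workflow must be restarted if the fresh token is rejected too. `TokenClient`, `FakeServer`, the `fetch_token` and `send` callables, the 60-second `skew` and the retry-once policy are assumptions made for illustration.

```python
import time

class ReauthorizationRequired(Exception):
    """A freshly issued token was rejected too; restart the authorization workflow."""

class TokenClient:
    # fetch_token() -> (access_token, expires_in_seconds) and
    # send(access_token, request) -> (status, body) are hypothetical callables
    # supplied by the application; they wrap its real token and API requests.
    def __init__(self, fetch_token, send, clock=time.monotonic, skew=60):
        self.fetch_token, self.send, self.clock, self.skew = fetch_token, send, clock, skew
        self.token, self.expires_at = None, 0.0

    def current_token(self):
        # Renew shortly before the predicted expiry instead of waiting for a 401.
        if self.token is None or self.clock() >= self.expires_at - self.skew:
            self.token, expires_in = self.fetch_token()
            self.expires_at = self.clock() + expires_in
        return self.token

    def call(self, request):
        status, body = self.send(self.current_token(), request)
        if status != 401:
            return status, body
        # 401 before expiry: revoked, scope changed, or superseded by a newer token.
        self.token = None  # never reuse a rejected token
        status, body = self.send(self.current_token(), request)
        if status == 401:  # retry once only, so a revoked grant cannot cause a loop
            self.token = None
            raise ReauthorizationRequired("fresh token rejected")
        return status, body

class FakeServer:
    """Constructed stand-in: only the most recently issued token is valid."""
    def __init__(self):
        self.issued, self.revoked = 0, False

    def issue(self):
        self.issued += 1
        return f"tok{self.issued}", 7200  # lifetime from the page's stated default

    def handle(self, token, request):
        ok = not self.revoked and token == f"tok{self.issued}"
        return (200, f"ok:{request}") if ok else (401, "Unauthorized")

if __name__ == "__main__":
    server = FakeServer()
    client = TokenClient(server.issue, server.handle)
    print(client.call("a"))  # served with the first token
    server.issue()           # another OAuth 2 flow supersedes that token
    print(client.call("b"))  # 401 on the old token, then renewed and retried
```

Catch `ReauthorizationRequired` at the point where the application can send the user back to the start of the authorization workflow.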