Sessions expire based on your organization's policy for sessions. As long as the app is in active use, the session won't expire. Once the session is logged out, the timeout has elapsed, or it is otherwise expired (e.g. an administrator expires all sessions for the Connected App).
There's no way to know how long it will be until your session expires. It's not exactly "trial and error," it is simply a normal process. Even if you were told that your session expired in two hours, it might not last two hours if an administrator revokes the session, the session remains in use, etc.
If you use refresh tokens, your code should first try the regular API call, and if you get a 4xx result, try using the refresh token to get a new session token, and if that fails, then you've been kicked out, and the user needs to re-authenticate to continue. If you don't use refresh tokens, you can skip the middle step, obviously
Sessions expire based on your organization's policy for sessions. As long as the app is in active use, the session won't expire. Once the session is logged out, the timeout has elapsed, or it is otherwise expired (e.g. an administrator expires all sessions for the Connected App).
There's no way to know how long it will be until your session expires. It's not exactly "trial and error," it is simply a normal process. Even if you were told that your session expired in two hours, it might not last two hours if an administrator revokes the session, the session remains in use, etc.
If you use refresh tokens, your code should first try the regular API call, and if you get a 4xx result, try using the refresh token to get a new session token, and if that fails, then you've been kicked out, and the user needs to re-authenticate to continue. If you don't use refresh tokens, you can skip the middle step, obviously
There is another system which calls salesforce api with the JWT token. After generating the JWT access token it is hardcoded in that system's setting. There is no mechanism through which we can get new access token if it gets expired.
Sessions expire based on your organization's policy for sessions. As long as the app is in active use, the session won't expire. Once the session is logged out, the timeout has elapsed, or it is otherwise expired (e.g. an administrator expires all sessions for the Connected App).
There's no way to know how long it will be until your session expires. It's not exactly "trial and error," it is simply a normal process. Even if you were told that your session expired in two hours, it might not last two hours if an administrator revokes the session, the session remains in use, etc.
If you use refresh tokens, your code should first try the regular API call, and if you get a 4xx result, try using the refresh token to get a new session token, and if that fails, then you've been kicked out, and the user needs to re-authenticate to continue. If you don't use refresh tokens, you can skip the middle step, obviously
http://salesforce.stackexchange.com/questions/73512/oauth-access-token-expiration
https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_understanding_refresh_token_oauth.htm
Hope this helps you!
Please mark it as Best Answer if my reply was helpful. It will make it available for other as the proper solution.
Thanks and Regards
Sandhya
All Answers
Sessions expire based on your organization's policy for sessions. As long as the app is in active use, the session won't expire. Once the session is logged out, the timeout has elapsed, or it is otherwise expired (e.g. an administrator expires all sessions for the Connected App).
There's no way to know how long it will be until your session expires. It's not exactly "trial and error," it is simply a normal process. Even if you were told that your session expired in two hours, it might not last two hours if an administrator revokes the session, the session remains in use, etc.
If you use refresh tokens, your code should first try the regular API call, and if you get a 4xx result, try using the refresh token to get a new session token, and if that fails, then you've been kicked out, and the user needs to re-authenticate to continue. If you don't use refresh tokens, you can skip the middle step, obviously
http://salesforce.stackexchange.com/questions/73512/oauth-access-token-expiration
https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_understanding_refresh_token_oauth.htm
Hope this helps you!
Please mark it as Best Answer if my reply was helpful. It will make it available for other as the proper solution.
Thanks and Regards
Sandhya
Thanks for the explanation.
This is about JTW token for which my understanding is it last for long and can be used in automation/background process.
For one of the project I generated the JWT token (https://help.salesforce.com/articleView?id=remoteaccess_oauth_jwt_flow.htm&type=5) by setting up the exiry to 2020. I was expecting this token will last until 2020. But apparently you have mentioned that it depends on org's session policy setting.
There is another system which calls salesforce api with the JWT token. After generating the JWT access token it is hardcoded in that system's setting. There is no mechanism through which we can get new access token if it gets expired.
Can you put your insight into this?
Thanks & Regards
Lokesh