Hi
I have the following queries on a OAuth token generated in the Paypal transaction flow.
Once a call is made to- https://api.sandbox.paypal.com/v1/oauth2/token, Oauthtoken is returned to the source app.
1.How long is it valid? There is a "expires_in" attribute returned, which does define it. However, does it vary for every token generated?
How is the lifespan of this token defined.The reason for this q, do we have to hit for an oAuth on every trx, can we not retain it internally till its lifetime (if its pre-defined and has a fixed/valid value for each case) if the same user is using it for n-number of trx.
2.Is there a way to revoke this token once the transaction is done, this is to avoid the storage mentioned earlier, so that we are sure that every trx is stamped with a different oauth tokens and we do not run into any expired tokens or so.
Please point out to any links/doc which give a detailed explanation of it.
Thanks,
gayathri
