How long do refresh tokens last for?

For Open Banking connections, they can be renewed to the maximum lifetime of the expiration of the provider refresh token.

Provider refresh tokens for Open Banking connections currently have a maximum lifetime of 90 days before re-consent is required.

Note that the refresh token must be used within a 30-day window in order to “refresh” the access.

We also recommend renewing tokens periodically or prior to a big batch of requests

See a visualization of a refresh token lifetime below:

You can find more information about the lifetime of identifiers in our documentation here.
Check how to renew access_tokens in our API reference.

Related articles

Related articles

Why do I get a ‘414 Request – URI Too Large’ error when connecting to Virgin Money?

How has TrueLayer implemented the FCA's changes to the 90 day re-authentication process?

Are there any differences in the user consent flow for business accounts opposed to personal accounts?

Can I use the reauthentication flow for a user that has revoked access?

I'm on Incognito/Private Mode and can't connect to my bank, why?

New tab triggered after bank authentication, why?

I can't connect to Caisse d'Epargne, why?

How can I obtain a `session_Id` to assist with an escalation?

Why are my tokens getting invalidated?

I'm implementing the re-authentication flow. What should I know?

I'm having issues refreshing my tokens. What should I do?