# Token expiration

To ensure security and support proper token rotation, the tokens issued during the OAuth flow have the following defined expiration periods:

### **Access token: 5 minutes**

The Access token has a short lifespan and is intended for immediate use. It is recommended to refresh the token to obtain a new access token when the current one expires.

### **Refresh token: 6 months**

The Refresh token provides long-term access without requiring the user to re-authorize frequently. The Refresh token should be securely stored and used to acquire new access tokens. In case of a token leak or compromise, the Refresh token can be immediately revoked by from your user profile in the **API access** section.

### **Authorization code: 5 minutes**

The Authorization code is intended for single-use and must be exchanged for an Access token and Refresh token within it's expiration window.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developers.make.com/api-documentation/authentication/oauth-flow/token-expiration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.