whats the lifetime of Github OAuth API access token

Question

what is the expiry time of github oauth access token. And also how do I renew it. I don\'t see any refresh token in their documentation. Please guide me. Thanks in advance.

Answer 1

Generally, the access_token of GitHub has no expiry until you revoke the OAuth token.

You can consider to opt in to GitHub App expiration token beta feature. This would make your app use expiring user tokens valid for 8hrs, and refresh tokens valid for 6 months

Here's an official step by step guide

Answer 2

As commented in this "GitHub OAuth Busy Developer's Guide"

Tokens don't have to expire.

You can check an OAuth application authorization, delete it or revoke it.
But the token itself doesn't seem to be bound to an expiry date.

badsyntax adds in the comments:

I also found this useful:

"An OAuth token does not expire until the person who authorized the OAuth App revokes the token."
From "Migrating OAuth Apps to GitHub Apps".

Stokito points out in the comments to rfc6749 / 4.2.2 Access Token Response:

expires_in

RECOMMENDED.
The lifetime in seconds of the access token.
For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated.
If omitted, the authorization server SHOULD provide the expiration time via other means or document the default value.