Validity Period of Credentials and Tokens
The following specifications apply to OAuth2 in the HIN system:
| Type | Validity |
|---|---|
| Auth Code | 10 minutes |
| Refresh Token | Duration of Access Token + 7 days |
| Access Token | Varies depending on the application (token group), typically 30-120 days |
| Client Secret (Client Credentials Flow) | Valid for 1 year |
| API Calls | Maximum 3 requests per second |