OAuth REST access_token and instance_url expiry time?

Question

I am working with Oauth2.0. In that i could able get the access_token and instance_url. Is there any expiry time for these two.

Can I store them and use it for all my REST calls without getting the new access_token and the instance_url. Is it possible for me to use it for long hours or even days.

Answer 1

So, basically, the access token is valid for a particular length of a session, as it's actually a session ID, that said, you should also be given a refresh token. The refresh token has a much longer lifetime and can be used to authenticate the user once the session has expired, without them having to enter any credentials — this allows you to do it in the background without them even having to concern themselves with the login process.