Do we have to regenerate OAuth 2.0 tokens regularly?
Good Morning,
Do we have to regenerate OAuth 2.0 tokens regularly?
Until September 2023 we were on prem and sometime prior to that, we had IMAP monitors.
The tokens would not stay valid for more than 90 days. We had to regenerate them periodically or the mail monitors would eventually fail until we did.
Now we are in the cloud and have OAuth 2.0 monitors.
I've read through the various articles on setting up email monitoring accounts and I did not find the answer. Do we still have to do this or not?
Article for reference (doesn't specify) https://solutions.teamdynamix.com/TDClient/1965/Portal/KB/ArticleDet?ID=158115
Thank you,
Sarah
Answer (1)
Hello Sarah,
The OAuth accounts use an application secret to allow them to be renewed (theoretically) until the secret's expiration date is reached. I say theoretically because, for O365 accounts, Microsoft hasn't been great about maintaining that current access & refresh tokens are still valid, or something else on their end may go wrong, that could cause the tokens to become invalidated ahead of the expiration of that secret ID.
If that happens, you'd see the same monitoring issue as you were seeing in that mail would stop being processed and errors may get logged, but it would be a random occurrence if this does happen, so it'd be impossible to anticipate the timing.
The short answer is: no, you shouldn't have this issue, but if you're monitoring emails from O365 accounts you could possibly see times when the monitors stop processing until the tokens are refreshed, for seemingly no reason, but again this is not a frequent occurrence. It is just random.
Sincerely,
Mark Sayers
Sr Support Consultant, CS