When social media live streaming tops your content calendar, you need to put in extra effort to keep vigilant about your social channels. You need to make sure they’re connected all the time, and for this, you might need to refresh them from time to time. While this can be pretty irritating, there’s really no way out. Social networking platforms keep changing their protocols to keep your account safe and secure. Hence, refreshing time and again is the standard user behavior. Access Tokens are a vital part of the process. This blog explains the basics behind Access Tokens and how they work, delineating the best practices to keep your social channels connected.
In This Blog:
- What is Access Token?
- What are Refresh Tokens?
- Why do you need to refresh your social channel?
- When do Access Tokens expire?
- Best Practices for Keeping your Social Channels Connected
What is Access Token?
Access Tokens are the permission applications use to make API requests on your behalf. They fundamentally represent the authorization bearer of a specific application, such as Facebook, YouTube, or Instagram, to access your data. Access Tokens must necessarily be kept confidential in transit and storage. They should only be accessible to the application, the authorization server, and the resource server.
Connecting your social accounts to OneStream Live requires Access Tokens. When an Access Token expires, you will be required to reconnect that social channel. The majority of social accounts simply require a reconnection.
What are Refresh Tokens?
A Refresh Token is a unique token used to obtain additional Access Tokens. This fundamentally allows you to have short-lived Access Tokens without collecting the credentials every time the previous token expires.
A standard method of granting tokens is to use a combination of Access Tokens and Refresh Tokens. This ensures maximum security and flexibility. The service typically issues Access Tokens that last anywhere from a couple of hours to several weeks. When the service generates Access Token, it simultaneously issues a Refresh Token that does not expire. So, when the Access Token expires, the application can automatically use the Refresh Token to obtain a new Access Token. This process will take place behind your back without requiring your involvement.
Why Do You Need to Refresh Your Social Channel?
You need to refresh your social channel every time your Access Token expires. Regardless of which social media you’re using, you will inevitably need to refresh your channel under the following circumstances:
- If you change the username or password of the social channel – changing the username and password of your social channel will result in that social media removing OneStream Live’s access to your account.
- If OneStream Live’s access to the social channel is revoked – every social network grants separate authorization to third-party apps for accessing your account. If OneStream Live’s access is revoked or altered, it will result in losing the initial Access Token, and your social channel will need to be reauthorized.
When do Access Tokens Expire?
Access Tokens can expire for multiple reasons, including password changes and the explicit lifespans of an Access Token itself. Each social network has its own set of policies regarding Access Tokens and their expiry.
Facebook and Instagram
Facebook and Instagram accounts typically require refreshing more often than other social networks. Facebook typically issues tokens with a lifetime of about 60 days, which means you will need to refresh your account after that. Other reasons that may result in token expiry include:
- You changed the password for your Facebook account.
- You no longer have admin access to the Facebook Page(s).
- You are publishing identical posts to several accounts at the same time.
- You are logging in to your social account from many different IP addresses.
- You are logging out from several different accounts.
- Your activity is considered ‘not secure’ by Facebook’s AI-based algorithm.
- You switched/changed your device. For example, you signed in to OneStream and authenticated OneStream with Facebook. Later on, if you sign in with your mobile device, Facebook will revoke the permission, considering it a privacy breach.
User access tokens come in two forms: short-lived tokens and long-lived tokens. Short-lived tokens usually have a lifetime of about an hour or two, while long-lived tokens usually have a lifetime of about 60 days. You should not depend on these lifetimes remaining the same - the lifetime may change without warning or expire early.
Facebook might lock your account once the Access Token expires. This happens when you log in to an incorrect Facebook account in your browser and it gets connected to OneStream as well. Here's what you have to do:
- Login to your Facebook account on another tab in the same browser, where you are logged in to OneStream.
- Go to Accounts Settings in your OneStream Dashboard.
- Scroll down to the "Facebook Permission Section" and click Log Out.
- Now go to Facebook.com and log out as well. Once you are done, return to OneStream and click on your locked Facebook account to log in.
- Once you enter the username and password of the Facebook account that has admin rights on this locked Facebook account, it will work.
Twitter Access Tokens do not have specific lifespans or expiry dates. Hence, Twitter accounts connected to OneStream do not usually require frequent refreshing. However, your Access Token may expire if:
- You are publishing duplicate content frequently.
- You exhibit other spam-like behavior on Twitter.
Access tokens are not explicitly expired. An access token will be invalidated if a user explicitly revokes an application in their Twitter account settings, or if Twitter suspends an application. If an application is suspended, there will be a note on the apps.twitter.com page stating that it has been suspended.
LinkedIn channels connected to OneStream require refreshing every 60 days. This is the typical lifespan of the Access Tokens granted by LinkedIn. Besides this, your LinkedIn Access Token may expire if:
- You no longer have Super Admin access for LinkedIn Page(s).
- You are frequently publishing identical posts to several LinkedIn accounts exactly at the same time.
Access Tokens stay valid until the number of seconds returned in the *expires_in field in the API response. A user can go through the OAuth flow on multiple clients (browsers or devices) and simultaneously hold multiple valid access tokens as long as the same scope is requested. If the user requests a different scope than the previously granted scope, then all the previous access tokens are invalidated.
*expires_in — The number of seconds remaining, from the time it was requested, before the token will expire. Currently, all access tokens are issued with a 60 day lifespan.
Twitch APIs use the OAuth 2.0 Access Tokens to access your data. It uses two types of Access Tokens; User Access Tokens and App Access Tokens. The User Access Tokens are used for APIs that require the user’s permission to access resources, while App Access Tokens are used for APIs that don’t require the user’s permission to access resources. Twitch Access Tokens may expire if:
- You change your Twitch account password.
- You disconnect your app from your account’s Settings.
The Twitch APIs use two types of access tokens: user access tokens and app access tokens. The reference content for each API identifies the type of access token you must use to access its resource. Some APIs require a user access token, others require a user access token or an app access token, and a few like the EventSub APIs require app access tokens.
Best Practices for Keeping your Social Channels Connected
To keep your social channels connected, you must keep your Access Token from expiring early:
- Always reconnect your social channels with your personal login.
- Only have one person assigned to reconnect channels in OneStream.
- Turn on two-factor authentication in your social accounts wherever possible.
OneStream Live is a cloud-based solution to live stream across 40+ Social Media Platforms and the web simultaneously. For queries and feedback, Live Chat with our team or write to us at [email protected]. You’re also welcome to Write for Us!