2025-02-06

We've fixed OAuth access tokens not expiring as expected. Previously, OAuth access tokens generated from apps with the "Expire user auth" option did not expire after 60 minutes, as expected. Instead, tokens remained valid beyond the intended expiration time.

Access tokens now correctly expire after 60 minutes when the "Expire user auth" option is enabled in the app settings.

This fix ensures that authentication behavior aligns with security expectations for apps requiring token expiration.

Recommended action

Developers using OAuth should verify that their apps handle token expiration correctly and refresh tokens as needed.