Programmable Chat has been deprecated and is no longer supported. Instead, we'll be focusing on the next generation of chat: Twilio Conversations. Find out more about the EOL process here.
If you're starting a new project, please visit the Conversations Docs to begin. If you've already built on Programmable Chat, please visit our Migration Guide to learn about how to switch.
Twilio access tokens have a lifetime determined by your server when you generate the token, with a minimum of 3 minutes and a maximum of 24 hours. When an access token in your application expires, you must update the token with your client(s) to continue using Twilio's services.
After the initial start of your application on iOS, Android or in the browser, your access token needs to be passed to the instance of Programmable Chat SDK. You can then either register a lambda or implement a listener method to handle the token refresh events depending on your platform.
1const Chat = require('twilio-chat');23// Make a secure request to your backend to retrieve an access token.4// Use an authentication mechanism to prevent token exposure to 3rd parties.56const accessToken = '<your accessToken>';78Chat.Client.create(accessToken)9.then(client => {10// Use Programmable Chat client11});
Programmable Chat SDK also offers a method to provide updated tokens over the lifetime of the client. For uninterrupted access to Twilio's services, you should provide renewed tokens to your Twilio client SDKs before expiration with the client's updateToken
method.
If you are using multiple Twilio client SDKs in your project at the same time, and share a common access token with multiple service grants (e.g. Chat, Sync, Voice, Video) you should instead implement external token lifecycle management using AccessManager component.
Programmable Chat SDK has a built-in access token lifecycle management to support this renewal process.
When an access token is in its final three minutes, the token about to expire
event is triggered. If the token was not updated before its expiry, a token expired
event will trigger. You should use one of these methods to fetch a new access token and set it on the Chat SDK instance. The client will then validate the update you provided and refresh the token for all internal components to use it for subsequent operations. Additionally, a token error event may surface if there is a problem with the token provided to SDK.
The implementation of this mechanism varies by platform and is described in detail below.
Note: If the provided token is valid with less than three minutes remaining until expiry, the token about to expire
event will trigger immediately. If the supplied token is already expired, the error
event will trigger and the client will close connection.
1chatClient.on('tokenAboutToExpire', function() {2// Implement fetchToken() to make a secure request to your backend to retrieve a refreshed access token.3// Use an authentication mechanism to prevent token exposure to 3rd parties.4fetchToken(function(updatedToken) {5chatClient.updateToken(updatedToken);6});7});
Regardless of the way you choose to update your client's access token, renewing the token prior to expiry is important for ensuring that your chat application is a great user experience.