Access Token Lifecycle
Programmable Chat has been deprecated and is no longer supported. Instead, we'll be focusing on the next generation of chat: Twilio Conversations. Find out more about the EOL process here.
If you're starting a new project, please visit the Conversations Docs to begin. If you've already built on Programmable Chat, please visit our Migration Guide to learn about how to switch.
Twilio access tokens have a lifetime determined by your server when you generate the token, with a minimum of 3 minutes and a maximum of 24 hours. When an access token in your application expires, you must update the token with your client(s) to continue using Twilio's services.
After the initial start of your application on iOS, Android or in the browser, your access token needs to be passed to the instance of Programmable Chat SDK. You can then either register a lambda or implement a listener method to handle the token refresh events depending on your platform.
Programmable Chat SDK also offers a method to provide updated tokens over the lifetime of the client. For uninterrupted access to Twilio's services, you should provide renewed tokens to your Twilio client SDKs before expiration with the client's
Using multiple client SDKs
If you are using multiple Twilio client SDKs in your project at the same time, and share a common access token with multiple service grants (e.g. Chat, Sync, Voice, Video) you should instead implement external token lifecycle management using AccessManager component.
Token Renewal Events
Programmable Chat SDK has a built-in access token lifecycle management to support this renewal process.
When an access token is in its final three minutes, the
token about to expire event is triggered. If the token was not updated before its expiry, a
token expired event will trigger. You should use one of these methods to fetch a new access token and set it on the Chat SDK instance. The client will then validate the update you provided and refresh the token for all internal components to use it for subsequent operations. Additionally, a token error event may surface if there is a problem with the token provided to SDK.
The implementation of this mechanism varies by platform and is described in detail below.
Note: If the provided token is valid with less than three minutes remaining until expiry, the
token about to expire event will trigger immediately. If the supplied token is already expired, the
error event will trigger and the client will close connection.
Regardless of the way you choose to update your client's access token, renewing the token prior to expiry is important for ensuring that your chat application is a great user experience.
Need some help?
We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.