FAQ Client ID and Client Secret credentials will not expire, although they may be rotated or deactivated if they are compromised. Access tokens will expire after 1 hour - the "expires at time" is returned in the /token response.