Token Validity for OAuth Authentication I Zoho People API

Token Validity

Grant Token (Authorization code)

Grant token is a one-time use token and valid for two minutes, by default. If you want to extend the expiry time, choose the required time from the drop-down while generating the token from the developer console (applicable only to self-clients).
You can generate a maximum of 10 grant tokens in a span of 10 minutes per client ID.

Access Token

Each access token is valid for one hour.
You can generate a maximum of 10 access tokens in a span of 10 minutes.
When you generate the 11th access token, the first created access token will be deleted.

Refresh Token

Refresh tokens do not expire until a user revokes them.
You can generate a maximum of 10 access tokens from a refresh token in a span of 10 minutes.
You can generate a maximum of 20 refresh tokens in a span of 10 minutes per client ID.
When you generate the 21st refresh token, the first created refresh token gets deleted.