I am fixing the "Unknown or invalid refresh token issue in our application/integration. We were able to
generate the auth URL following the documentation here: https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#enabling-oauth-2-0--3lo-
Got the code and exchange it for the Refresh and Access Token. We implemented it in our application but have observed the following:
a. What is the lifespan of the refresh token? I tested it in our integration but I still get the “Unknown or invalid refresh token issue” after several successful attempt. In my test - it expires in less than an hour.
b. In this documentation: https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#frequently-asked-questions
It says that there is a configuration option for a rotating refresh token namely Inactivity expiry time, Absolute expiry time and reuse interval or leeway.
Question: How do we configure this one.? One of the instructions I have followed is through the developer console - but upon checking, its not there.
c. Every time a refresh token expires, there is a need to initiate the entire authorization flow from the beginning again and it needs user intervention to
accept in order to provide authorization code. - Is there a way to avoid the manual approval while calling the Auth code?