OAuth access token / refresh token behaviour

I’m writing an Alexa Skill that integrated into Jira via Account Linking, which uses OAuth 2.0.

The integration works great, and the Alexa ecosystem does a great job of managing the Account Linking and initial access token request from:


However, that token expires (after 20 to 30 minutes?) and the Alexa skill does not refresh the token. I have this URL configured in Alexa as the refresh URL:


Is it possible to confirm that the refresh end point meets the specification required by Alexa:


I’ve also seen mention of an “offline_access” scope. What is this, and where is it documented?

Thank you in advance for your help!

1 Like

I’ve just answered my own question (again)!



A refresh token can be returned with the access token in your initial authorization flow. To do this, add the offline_access scope to the scope parameter of the authorization URL.