Hi!
Sorry, this question was just brought to my attention. For faster service on questions about the API, please do not rely on the community forum--instead, email us at stockapis@adobe.com. I rarely visit the forums because they are usually not API-related.
To your question, the reason we limit the expiration is because Stock access tokens can be used to purchase goods and are typically tied directly to your account or credit card. If your application credentials or any of your tokens were leaked, your customers could be the victims of fraud and you as the developer would be partly responsibile. So I doubt you want to take that risk, or your users unless this was an internal application.
Instead, what we can permit is for you to request a new refresh token each two weeks, rather than the same one. Currently, you receive the same refresh token with a hard-coded expiration of two weeks from the first time you request it. We can change this so that we return a new refresh token with a new expiration, so that you could keep the user perpetually signed in as long as they actively use the application. If they stop using it, then they would get signed out.
If you want to look into this possibility, please email us at stockapis@adobe.com and tell us your business use case. Again, keep in mind this adds additional risk to you and your users. We typically only allow this for internal applications where the developer and users are part of the same company or project, or an application that does not allow licensing of assets.
Thanks, and we look forward to hearing from you!
Christopher Smith
1
Reply
AdChoices