Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

API Token expires without any notification. How to prevent that?

Abhi Srivastava
Abhi Srivastava
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 5, 2023

Hi team,
Greetings!

At times, the API token expires without giving any notification. It has been at two scenarios:
1.) While trying forge login command in CLI: it gives cannot login invalid credentials, then I went to check my token it was revoked automatically. I created new and tried forge login with new token it worked.

2.) While developing forge application: we were using the rest api and while using that we were passing email id and token as basic auth but I was getting error as “Uncaught (in promise) Error: There was an error invoking the function - Unexpected token < in JSON at position 0”

I am aware that the API token has no expiration until we revoke, but I am unable to get why my token expires. Even if it expires it does not give any email notification.
Could you please guide us on this.

Answer
Watch
Like Be the first to like this
565 views

1 answer

1 accepted

0 votes
Answer accepted
Mahtab
Mahtab
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 26, 2024

Hi team,

By design, the User API tokens do not expire by default (This will however change soon per the new announcements from Atlassian )

So for the existing APIs that has been created to this date, when we set them up, there is no expiration date to be selected, and they are valid until they are intentionally revoked. Source: View user API tokens

 The main reason if the token would get revoked by Atlassian is if they are being used in public spaces as described in the following documentation: 

 Referring to Understand user API tokens , your org admin can also manage the user tokens and revoke if they see it necessary. So that is another possibility as we have seen org admins try to clean up user tokens without consulting with their users.  

https://admin.atlassian.com/o/ORGID/api-tokens

Hope this helps

View More Comments
Jesse Lambertson _IU_
Jesse Lambertson _IU_ February 18, 2025

Curious, is there a way to get notifications for API user tokens before they expire?  Thank you

Like # people like this
Tom Davies
Tom Davies
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
February 18, 2025

having only the User API token page https://admin.atlassian.com/ isn't the best. We have several API's that are attached to some api users. Having to manually check in the https://admin.atlassian.com/ isn't ideal. Surely there is an alert of some sort that can be created? Even an email would suffice for now

Like Jesse Lambertson _IU_ likes this
Jesse Lambertson _IU_
Jesse Lambertson _IU_ February 24, 2025

agreed

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events