Token types

This describes the types of tokens issued by Transmit, how to obtain them, and other usage details.

Tokens Used to Obtained Consumed by Default TTL
ID tokens Identify users and get their profile data Returned upon user authentication App 1 hour
User access tokens Grant user access to your app or authorize Transmit actions that require a logged-in user Returned upon user authentication App and Transmit 1 hour
Client access tokens Authorize app-level management actions (magic link auth, updating user profiles, etc.) Generated using end-user app client creds Transmit 1 hour
Admin access tokens Authorize backend services to perform tenant-level management actions (retrieving all users, etc.) Generated using management app client creds Transmit 1 hour
Refresh tokens Renew expired tokens for offline access Returned upon user authentication Transmit 14 days
Reset tokens Reset passwords Returned when user authenticates for a reset flow Transmit 5 min
  • Access token and refresh token time-to-live can be customized by creating resources .
  • All tokens are JWT, except for refresh tokens.
  • You can only refresh ID and user access tokens. See guide .