In keeping with our commitment to researcher control of their ORCID record, they can choose to revoke any access token at any time by deleting it from permissions in the Trusted Organization list under their Account Settings.
Client credentials created after 2014-10-27 are valid indefinitely by default, but can be set to temporary (1 hour) by users during the authorization process.
For client credentials issued before 2014-10-27, access tokens to edit a researcher's record expired one hour after they were issued. Client credentials issued before 2014-10-27 can be configured to generate indefinite tokens for all scopes by contacting us.
For more information, see:
- Member Support Center: Introduction to OAuth