Overview
The API authorization overview will teach you how to obtain an access token, which you need to access protected API resources. Learn about the Dwolla Connect API auth scheme and token lifetime.
Dwolla utilizes the OAuth 2 protocol to facilitate authorization. OAuth is an authorization framework that enables a third-party application to obtain access to protected resources (Transfers, Funding Sources, External Parties etc.) in the Dwolla API. This section covers application authorization via server-to-server API calls which is a process by which two servers communicate with each other to authorize access to protected resources.
Token lifetime
Access tokens are short lived: 1 hour. To refresh authorization on an application access token, your application will simply exchange its client credentials for a new app access token. Any access tokens that have been previously initialized will not be invalidated with the creation of a new one; they will simply expire within an hour of the time of their creation.