You can use the Access Token for one hour until it expires. To get a new Access Token
for continued use, use the same expired token and the
get_token call to be
provided a new Access Token. (OAuth Session 1.0 Draft 1, Section 4)
The call looks similar to this:
Table 4.7. Refresh Access Token (get_token) Request Parameters
||A random string (OAuth Core 1.0 Spec, Section 8)|
||Consumer Key provided to you when you sign up on the registration page.|
||The signature method that you use to sign the request. This can be PLAINTEXT or HMAC-SHA1.|
||The concatenated Consumer Secret and Token Secret separated by an "&" character. For more information about signing requests, refer to Signing Requests to Yahoo.|
||Current timestamp of the request. This value must be +-600 seconds of the current time.|
||OAuth version (1.0).|
||The expired Access Token.|
||The persistent credential used by Yahoo to identify the Consumer after a User has authorized access to private data. Include this credential in your request to refresh the Access Token once it expires.|
The response to refreshing an Access Token is identical to the original request.
The Consumer Secret, Access Token Secret, and Session Handle Should be treated as private data on your Web server.