You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Product Notice: Changes to Eloqua’s OAuth 2.0 Access Token Revocation Behavior [May 2026]

in Oracle Marketing Developer Tools

Overview

With the arrival of Eloqua release 26B (May 2026), we are changing our OAuth 2.0 implementation regarding the lifecycle of Access Tokens.

What’s changing?

Currently, when a client uses a Refresh Token to obtain a new Access Token, the previous Access Token is immediately destroyed (revoked).

Starting in 26B, previously issued Access Tokens will no longer be automatically destroyed when a Refresh Token is used and will instead remain valid until their original expiration time, as specified by expires_in.

Your application may now have multiple valid Access Tokens for the same user session.

As a reminder, an Access Token is valid for 8 hours (28,800 seconds) when it is issued. A Refresh Token is valid for 12 months, or until it is used, whichever comes first.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!