Understanding Token Expiration

OAuth tokens are what allow bluekona.ai to securely access your social media analytics. Understanding how they work and managing their expiration is key to uninterrupted service.

What Are OAuth Tokens?

Simple Explanation

When you connect a social media account to bluekona.ai, you don't give us your password. Instead, the platform gives bluekona.ai a special "key" (token) that grants read-only access to your analytics.

Technical Explanation

OAuth (Open Authorization) tokens are:

• Secure credentials issued by social media platforms
• Time-limited for security purposes
• Specific to bluekona.ai (can't be used elsewhere)
• Revocable by you anytime
• Read-only (cannot post or modify your content)

Think of it like: A hotel room key card that:

• Works only for your room (specific access)
• Expires on checkout day (time-limited)
• Can be deactivated anytime (revocable)
• Doesn't work for other hotels (platform-specific)

Why Tokens Expire

Security Reasons

Protects your account:

• Limits damage if token somehow leaked
• Reduces risk window for security breaches
• Forces periodic re-authentication
• Ensures you still want app to have access

Industry standard:

• All major platforms use token expiration
• Recommended by OAuth security guidelines
• Required by some data protection regulations

Benefit to you:

• Regular check that authorized apps are still needed
• Opportunity to review what apps can access
• Forces removal of forgotten authorizations

Platform Policies

Each platform sets its own expiration schedule:

*Indefinite until manually revoked or password changed

Token Lifecycle

Phase 1: Active (Days 1-45)

Status: Connected (Green)

What's happening:

• Token fully functional
• Data syncing normally
• Audits run without issues
• No action needed

What you see:

• "Connected" status
• Last sync timestamp updating
• Successful audit runs

Phase 2: Expiring Soon (Days 46-55)

Status: Token Expiring Soon (Yellow)

What's happening:

• Token still works
• Expiration approaching
• Warning displayed

What you see:

• "Token Expiring Soon" status
• Notification/warning message
• Days until expiration shown

Recommended action:

• Reconnect proactively
• Avoid last-minute rush
• Ensure uninterrupted service

Phase 3: About to Expire (Days 56-60)

Status: Token Expiring Soon (Orange)

What's happening:

• Token still functional but urgent
• Less than 5 days remaining
• Multiple warnings

What you see:

• Orange warning indicator
• Urgent notification
• Countdown to expiration

Recommended action:

• Reconnect immediately
• Don't wait until expiration
• Takes only 2 minutes

Phase 4: Expired (Day 61+)

Status: Token Expired (Red)

What's happening:

• Token no longer works
• Data sync stopped
• Cannot run new audits

What you see:

• "Token Expired" status
• Red error indicator
• "Reconnect" button prominently displayed

Required action:

• Must reconnect to restore access
• Historical data still safe
• New audits won't work until reconnected

How to Reconnect

Step-by-Step Process

1. Identify Expired Connection

Go to Settings > Social Connections

Look for accounts with:

• Red "Expired" status
• Orange "Expiring Soon" status
• Yellow warning indicators

2. Click Reconnect

Click the Reconnect or Refresh Token button next to the expired account.

3. Re-authorize

You'll be redirected to the platform's OAuth page:

On the platform:

1. You're already logged in → Proceeds automatically
2. Not logged in → Log in first
3. Review permissions
4. Click "Authorize" or "Allow"

Permissions:

• Same permissions as initial connection
• Can't reduce permissions (bluekona.ai needs them)
• Quick process (usually <30 seconds)

4. Confirm Restoration

After authorization:

• Redirected back to bluekona.ai
• Status changes to "Connected"
• Token valid for another 60 days
• Data sync resumes

Total time: 1-2 minutes

Platform-Specific Reconnection

Facebook/Instagram

1. Click Reconnect
2. Redirected to Facebook
3. May ask to select Pages again
4. Confirm and authorize
5. Both Facebook and Instagram renewed

Tip: Instagram connections go through Facebook, so reconnecting Facebook also handles Instagram.

YouTube

1. Click Reconnect
2. Redirected to Google
3. Select Google account
4. Confirm permissions
5. Done

Note: YouTube tokens rarely expire, but reconnecting is same process.

X (Twitter)

1. Click Reconnect
2. Redirected to X
3. Log in if needed
4. Authorize app
5. Done

Note: X tokens typically don't expire unless manually revoked.

LinkedIn

1. Click Reconnect
2. Redirected to LinkedIn
3. Log in if needed
4. Select Company Pages
5. Authorize
6. Done

Threads

1. Click Reconnect
2. Redirected to Meta/Instagram
3. Authorize Threads access
4. Done

TikTok

1. Click Reconnect
2. Redirected to TikTok
3. Log in if needed
4. Authorize
5. Done

Note: Ensure still using Business Account.

Managing Token Expiration

Get Ahead of Expiration

Set reminders:

• Calendar reminder every 55 days
• Check connection status weekly
• Review before running important audits

Proactive reconnection:

• Don't wait for expiration
• Reconnect at "Expiring Soon" status
• Better to reconnect early than deal with disruption

Multiple Accounts

Stagger reconnections:

• Don't connect all accounts same day
• Spread connections across month
• Makes maintenance more manageable

Track in spreadsheet:

Platform | Username | Connected Date | Expires | Status
Facebook | @brand   | Oct 1, 2025    | Nov 30  | Active
Instagram| @brand   | Oct 1, 2025    | Nov 30  | Active
YouTube  | Channel  | Oct 5, 2025    | N/A     | Active
LinkedIn | Company  | Oct 10, 2025   | Dec 9   | Active

Notification Settings

Enable notifications for:

• Token expiring soon (7 days before)
• Token expired
• Connection issues
• Audit failures (may indicate expired token)

Where to enable: Go to Settings > Notifications and toggle:

• [ ] Connection status alerts
• [ ] Token expiration warnings
• [ ] Audit failure notifications

What Happens When Token Expires

Data Impact

What's preserved:

• ✅ Historical audit reports
• ✅ Past analytics data
• ✅ Previous insights and recommendations
• ✅ Your account settings
• ✅ Other connected platforms (unaffected)

What stops:

• ❌ New data collection from expired platform
• ❌ Ability to run audits for that platform
• ❌ Automatic data refreshes
• ❌ Cross-platform audits including that platform

Important: No data is lost. Everything resumes after reconnection.

Service Impact

While expired:

• Cannot run new audits for that platform
• Cross-platform audits exclude expired platform
• Connection shows error status
• Notifications sent to reconnect

After reconnection:

• Service fully restored
• Can run audits immediately
• Data sync catches up
• No data gap in analysis

Troubleshooting Token Issues

Token Keeps Expiring Early

Possible Causes:

1. Changed Password

   • Changing platform password revokes tokens
   • Must reconnect after password changes

2. Revoked Manually

   • Check platform's authorized apps
   • May have accidentally revoked
   • Reconnect needed

3. Account Security Changes

   • 2FA changes can affect tokens
   • Account security reviews may revoke
   • Normal security practice

4. Platform Policy Changes

   • Platforms sometimes change token policies
   • May affect expiration schedules
   • Usually announced in advance

Solution: Simply reconnect when needed. If happening very frequently (weekly), contact support.

Reconnection Fails

Problem: Click reconnect but get error.

Solutions:

1. Platform Login

   • Ensure can log into platform normally
   • Account may be restricted
   • Password may be incorrect

2. Browser Issues

   • Clear cookies and cache
   • Try incognito/private mode
   • Try different browser

3. Account Changes

   • Verify still have admin/manager access
   • Check account type still correct (Business, etc.)
   • Ensure account active

4. Platform Maintenance

   • Check if platform's API is down
   • Try again in 30 minutes
   • Check platform status pages

Token Revoked Accidentally

Problem: Accidentally revoked bluekona.ai access from platform.

Solution:

1. Go to bluekona.ai Settings > Social Connections
2. Click "Disconnect" to remove broken connection
3. Click "Connect [Platform]" to add fresh connection
4. Complete OAuth authorization
5. Connection restored

Result: May need to run initial audit to rebuild recent data.

Best Practices

Proactive Management

Do:

• ✅ Check connection status weekly
• ✅ Reconnect at first "expiring soon" warning
• ✅ Set calendar reminders every 55 days
• ✅ Verify connections before important audits
• ✅ Track expiration dates for multiple accounts

Don't:

• ❌ Wait until token expires
• ❌ Ignore expiration warnings
• ❌ Assume tokens never expire
• ❌ Forget to check status regularly

For Teams

Assign responsibility:

• Designate team member to monitor connections
• Weekly status checks on Mondays
• Shared calendar for expiration dates
• Slack/email reminders to reconnect

Documentation:

• Keep list of all connected accounts
• Track who has access to reconnect
• Document process for new team members

For Agencies

Client account management:

• Track all client connections separately
• Monthly status review across all clients
• Proactive client communication about expirations
• Document when tokens expire for each client
• SOP for reconnection process

Client communication template:

Subject: Action Required: Reconnect [Platform] for [Client]

Hi [Client],

Your [Platform] connection will expire in 5 days. This affects your social media audits.

Action: Please reconnect via [link] (takes 2 minutes)

Why: OAuth tokens expire every 60 days for security

What if I don't: New audits won't include [Platform] data

Thanks!

Understanding Token Security

Why Read-Only?

bluekona.ai requests only read-only permissions:

• Can view your analytics
• Cannot post content
• Cannot delete posts
• Cannot change settings
• Cannot access private messages

Can Tokens Be Stolen?

Short answer: Very unlikely, and limited damage if they were.

Protection measures:

• Tokens encrypted in transit (HTTPS)
• Tokens encrypted in database
• Tokens don't include passwords
• Read-only access only
• Time-limited (expire)
• Monitored for unusual activity

If concerned:

• Regular password changes don't help tokens
• Revoking and reconnecting reissues new token
• Review authorized apps quarterly
• Use 2FA on social accounts (not tokens)

Revoking Access

You can revoke anytime:

From bluekona.ai: Settings > Social Connections > Disconnect

From Platform: Platform Settings > Apps/Authorized Apps > Remove bluekona.ai

Effect:

• Immediate access termination
• Connection removed
• Can reconnect whenever you want

Frequently Asked Questions

Q: Do I need to keep reconnecting forever? A: Yes, it's part of OAuth security. Most platforms require it every 60 days. Some (YouTube, X) rarely or never expire unless you revoke access.

Q: Will I lose my audit history when token expires? A: No. All past audits and data remain intact. Only new data collection stops.

Q: Can I extend token validity beyond 60 days? A: No, this is set by the platform (Facebook, Instagram, etc.), not bluekona.ai. We cannot change it.

Q: Why do some platforms never expire? A: Different platforms have different security policies. YouTube and X use long-lived tokens unless manually revoked.

Q: What if I'm on vacation when token expires? A: No problem. Reconnect when you return. Your historical data is safe. You'll just have a gap in new data collection.

Q: Can someone else reconnect my account? A: Only if they have your platform login credentials. Reconnection requires authenticating with the social platform.

Q: Does changing my social media password affect tokens? A: Yes, usually. Changing platform passwords often revokes OAuth tokens. Simply reconnect after password changes.

Q: How many times can I reconnect? A: Unlimited. Reconnect as many times as needed.

Next Steps

To manage your connections effectively:

• Review connection management guide
• Set up your social connections
• Troubleshoot other common issues
• Learn about running audits

Pro Tip: Add "Check bluekona.ai Connections" to your weekly routine. Takes 30 seconds and prevents disruption from expired tokens.

Need help with token issues? Contact support or check our common issues guide.