Configurable access token expiry duration now generally available!

Hi Community, 

We’re excited to announce that we released configurable access token expiry duration to help you enhance your security protocols. 

Sysadmins can now set expiration durations for access tokens (both user access and OAuth 2.0 tokens) within their plan. If left unset, the tokens will maintain their current behavior. However, once expiry durations are defined, all existing and future tokens within the plan will adhere to this duration, automatically getting revoked upon expiry. This mitigates the risk of indefinite access in the case of access tokens getting compromised.

This feature is available to SysAdmins on Enterprise plans in the Commercial US and Commercial EU environments. You can set access token expiry durations in the Smartsheet Admin Center.

Learn more about configurable access token expiry durations.

You can also stay informed by subscribing to receive product release updates for curated news of recently released product capabilities and enhancements for the platform of your choosing, delivered to your inbox. As new releases occur, you will receive a weekly email with news of what's released every Tuesday. 


Lekshmi Unnithan

Senior Product Marketing Manager