Generating a Refresh Token

note

Refresh tokens generated on or after March 18, 2026, now have a fixed maximum lifetime of 365 days. After this period, they are no longer automatically extended and will expire. Refresh tokens generated before this date are not impacted by this change.

For security, Flexera One does not store long-lived refresh tokens. The interface that generates the token is the only time it will be available. If the user fails to copy the token at this time, they should revoke the token (see Revoking an API Refresh Token), and generate a new one. A token is valid for 365 days and automatically expires afterward.

To generate a refresh token:

1. In a Web browser, access one of the following URLs based on the server location of your account:

   • For accounts in North American, log in to app.flexera.com.

   • For accounts in Europe (EU), log in to app.flexera.eu.

   • For accounts in APAC, log in to app.flexera.au.

   The Flexera One login page appears.

2. Log in to your account.

3. In the upper-right corner of the page, click the Profile details icon, and then select User Settings.

4. In the left pane, click API Credentials, and then click Create API Refresh Token. The New API Refresh Token pop-up window opens.

5. Click Copy to copy the refresh token and then save it to a secure location for future reference.

   note

   Consider the following:

   • When you close the pop-up window, the refresh token will no longer be accessible.

   • There is no limit on the number of active Flexera One API refresh tokens that a user may have.