Skip to main content

UPS OAuth token lifespan change

UPS is updating its OAuth API security model to improve security. Starting April 1, 2026, the lifespan of OAuth tokens will change from 4 hours to 1 hour. This update impacts how integrations manage token refresh logic.

UPS is updating its OAuth API security model to improve security. Starting April 1, 2026, the lifespan of OAuth tokens will change from 4 hours to 1 hour. This update impacts how integrations manage token refresh logic.

What is changing?

OAuth token validity will be reduced from 4 hours to 1 hour.

Integrations must generate a new token every hour to maintain uninterrupted access to UPS Developer APIs.

Impact on integrations

If your integration is hardcoded to refresh tokens every 4 hours, it will fail after 1 hour and return invalid credentials errors.

If your integration uses the expires_in value from the token response or refreshes dynamically when encountering errors, no changes are required.

Action required

No Action Needed if:

  • Your integration uses the expires_in value from the Generate Token response.
  • Your integration refreshes tokens dynamically when an invalid credentials error occurs.

Action Needed if:

  • Your integration is hardcoded to refresh tokens every 4 hours. Update your logic to refresh tokens every hour or based on the expires_in value.

UPDATED: December 03, 2025