hey @BarryCarlyon, I got myself a “code” to use in the Access Token. First question, for how long will this code work? And second, in step 4 the docs says " However, you should build your applications in such a way that they are resilient to token authentication failures. In other words, an application capable of refreshing tokens should not need to know how long a token will live. Rather, it should be prepared to deal with the token becoming invalid at any time. " What do you recommend doing here? Should I check when a response is token expired ? or just set a timeout that runs when the time should be over for a new AT?