What to do when an access token expires in Salesforce

Last updated: May 15, 2025

Salesforce is one of the most popular customer relationship management (CRM) platforms available for businesses of all sizes and industries, and it offers robust security measures. It uses OAuth 2.0, a means of digital third-party authorization, to provide quick access to resources and login information for the users of connected apps — all via a tool known as an access token.

However, these tokens sometimes expire after a certain amount of time, for security reasons. When a Salesforce access token expires, users must find a way to renew or refresh the token to maintain access to that application. Let’s explore what makes Salesforce access tokens work in the first place and how to handle their expiration.

How access tokens in Salesforce work

An access token in Salesforce is a digital value that represents a session ID for a user. When a user inputs a token to access an app that’s connected to Salesforce, the token acts as a replacement for typical Salesforce credentials to authenticate the user’s information.

The OAuth 2.0 authorization framework is the industry standard for a third-party authorization protocol. In use for over a decade, this standard ensures developers of apps connected to platforms like Salesforce can allow their users to share information about their accounts with third-party applications connected to those platforms.

The access token is essentially the currency of OAuth 2.0, enabling authorized and secure connections between apps to safely transfer sensitive information. In this case, Salesforce hosts the resources on a secure resource server, and the token acts as a key that connects the two.

Imagine these access tokens that OAuth 2.0 generates as digital versions of real-life game tokens: They act as one-off, secure, and non-counterfeitable virtual objects that allow the individuals using them to access a Salesforce-connected app, like Jotform for Salesforce.

What to do when a Salesforce access token expires

In order to maintain security for both the user and the app, Salesforce tokens have a limited lifespan. If a user waits too long to apply the token — typically more than two hours — the Salesforce access token will expire, forcing them to refresh the token or acquire a new one altogether.

Refresh tokens are directly granted by OAuth-enabled connected apps, according to their unique policies. They can automatically grant refresh tokens for certain users based on previous logins, provide time-stamped windows for using these tokens, or use other factors to grant access.

On the Salesforce help page, information directs the user to do the following:

Check if refresh tokens are provided
Continue to access any OAuth-enabled connected applications —no need to reauthorize when the original access token expires
The app directly exchanges the original access token for a refresh token to start a new session.

Whenever someone uses an issued token, they only have to request a refresh token if they’ve ended their session. The window of time when the token is available doesn’t affect the length of a user session. For example, if a user is on the app for two hours, but you’ve set a refresh token policy to expire the token after one hour, they won’t have to reauthenticate after one hour.

For users of Salesforce-connected apps, reaching out about a refresh token requires what’s known as an “API call.” This is a message sent to a server requesting services, information, or, in this case, access (or renewed access) to elements of the API. Be sure to use the refresh token as quickly as possible to avoid being locked out of your apps for even longer.

How to access tokens work with Jotform for Salesforce

Like any Salesforce-connected app, Jotform for Salesforce uses access tokens to quickly validate Salesforce users on our platform in just a few steps.

Go to the Home page. Under Platform Tools, select Apps.

Salesforce screen, arrow pointing to "Apps" in Platform Tools

From the dropdown menu under Connected Apps, choose Connected Apps OAuth Usage.

Salesforce screen, arrows pointing to "Connected Apps" and "Connected Apps 0Auth Usage" in the "Apps" menu

If it’s not already installed, click Install.

Salesforce screenshot, showing Connected Apps 0Auth Usage, arrow pointing to Jotform under "Manage App Policies"

Locate the app you want to modify and click the Manage App Policies link next to it. Then, click the Edit Policies button to proceed.

Jotform edit screen in Salesforce, arrow pointing to "Edit Policies"

You’ll now see the current refresh token policies for the app.

Jotform policies screen, arrow pointing to 0Auth Policies

Scroll down to OAuth Policies, where you can adjust token policies. However, proceed with caution — altering these settings could cause permission problems.

Consult our guide to understand more about refresh tokens in Salesforce.

With thousands of apps on its AppExchange marketplace, Salesforce provides access to a variety of third-party capabilities to enhance the user experience. By understanding the use of access and refresh tokens, and by ensuring your safe transfer of login credentials when using these apps, your Salesforce experience can be a seamless, secure process.

Photo by ANTONI SHKRABA production

Jotform is now on Salesforce AppExchange!

Get It Now

Was this article helpful?

Yes

We're sorry to hear that. What problem did you have with the article?

How can we improve this article?

What did you like best about this article?

AUTHOR

Jotform Editorial Team

Jotform's Editorial Team is a group of dedicated professionals committed to providing valuable insights and practical tips to Jotform blog readers. Our team's expertise spans a wide range of topics, from industry-specific subjects like managing summer camps and educational institutions to essential skills in surveys, data collection methods, and document management. We also provide curated recommendations on the best software tools and resources to help streamline your workflow.

RECOMMENDED ARTICLES

What is Salesforce and how do you use it?

ServiceNow vs Salesforce: Features, pricing, pros, and cons

Webinar: Introducing Jotform for Salesforce

6 of the best Salesforce-WordPress integration tools

Flexible Data Integration with Salesforce

Dreamforce 2023 recap: A look at Jotform’s first Dreamforce

Jotform is excited to make waves at Dreamforce 2023

Pipedrive vs Salesforce: Which CRM is right for you?

How to create a Salesforce relationship map

Duplicate management in Salesforce

Zoho vs Salesforce: Features, pricing, pros, and cons

What are record types in Salesforce?

Oracle vs Salesforce: Which is the right CRM tool for you?

How to use Salesforce basics for your business workflow

An architectural audio company improves customer communication with Jotform and Salesforce

How to clone objects and records in Salesforce

Making the most of Dreamforce 2024 in San Francisco

What is the purpose of AppExchange in Salesforce?

When to use Salesforce’s Process Builder vs Workflow Rules

How to use a Salesforce authentication token

What are standard objects in Salesforce?

How to create Salesforce Attachment objects

How to use a lookup field in Salesforce

A guide to lead conversion in Salesforce

Salesforce roles and profiles explained

How to access AppExchange in Salesforce

How to deactivate or delete a user in Salesforce

How to streamline Salesforce donation management

How CoverManager uses Jotform for Salesforce to help thousands of restaurants thrive

How to create Salesforce custom address fields

Salesforce debug logs: A comprehensive guide

Blackbaud vs Salesforce

What is application lifecycle management in Salesforce?

Webinar! Jotform for Salesforce: New features you need to know

Top 27 Salesforce consulting companies

How to add multiple approvers in Salesforce

Top 10 NetSuite alternatives in 2025

Salesforce vs SugarCRM: Features, pricing and more

What are the file size limits in Salesforce?

Jotform and Salesforce help an event production company collect lead info and client assets

How to solve the Field Filter Validation Exception error in Salesforce

Announcing 5 features to supercharge Salesforce + Jotform

Announcing 150 Salesforce form templates

Do even more with the updated Jotform + Salesforce integration

Best Salesforce alternatives for 2025

How to collect purchase orders in Salesforce

HubSpot vs Salesforce: Which is best for your company?

A community organization uses Salesforce and Jotform to help strengthen families

How to create Salesforce searchable fields

Common Salesforce error messages and how to address them

A U.K. charity overhauls its fund application & distribution processes with Jotform and Salesforce

Salesforce Health Cloud: Pricing, features, and benefits

What is Salesforce DKIM, and how do you set it up?

Best Salesforce apps of 2025 to explore

Salesforce Professional vs Enterprise

The top Salesforce events in 2024

How to capture leads in Salesforce

How to create a custom object in Salesforce

How to set up a Google Forms-Salesforce integration

How a fintech firm uses Jotform and Salesforce to help home buyers

How to fix a bad value for a restricted picklist field in Salesforce

Salesforce Surveys Pricing: Analysis of Salesforce Feedback Management system

19 excellent benefits of Salesforce for your business

What you need to know about document generation in Salesforce

How to set up a Microsoft Forms-Salesforce integration

Top 6 Salesforce survey tools

What is Salesforce OmniStudio and how can you use it?

How to create synchronized workflows with Jotform and Salesforce

The top 3 Salesforce payment gateways and how to use them

What’s the difference between a lead vs opportunity in Salesforce?

What are Salesforce report types?

How to use the Notes object in Salesforce with Jotform

Announcing Jotform for Salesforce

The ultimate Salesforce glossary

Salesforce vs SAP: A detailed comparison

NetSuite vs Salesforce: Features, pricing, pros, and cons

How to create a global picklist in Salesforce

5 Salesforce hacks you need to learn

5 best Titan alternatives for Salesforce

Come see us at Dreamforce 2024

How to create an email template in Salesforce

How to set up Salesforce payment processing

Salesforce pricing plans: What you need to know

How to solve an Insufficient Privileges error in Salesforce

Zendesk vs Salesforce: Features, and pricing, and more

Send Comment:

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Be the first to comment.