Skip to main content
modiva.ai
← All glossary terms

Glossary

What is an API access token?

An API access token is a string an app sends with each request to prove it's authorized to call an API. Tokens are scoped to specific permissions and usually expire, at which point a refresh token gets a new one.

Access vs refresh tokens

An access token is short-lived and sent on every request; a refresh token is long-lived and used to obtain new access tokens without re-prompting the user to log in.

Why tokens expire

Short lifetimes limit the damage if a token leaks. Automatic refresh keeps the connection alive without sacrificing that security.

Tokens in Modiva

Modiva stores each platform's tokens envelope-encrypted and refreshes them automatically. You authenticate to Modiva with your own key and never juggle platform tokens.

FAQ

What's the difference between an API key and an access token?

An API key typically identifies an app; an OAuth access token represents a user's granted permissions. Modiva uses scoped keys/tokens and stores platform tokens for you.

Do I have to refresh tokens myself?

Not with Modiva — it refreshes platform tokens automatically behind one stable endpoint.

See it in Modiva

Start free

Related terms

What is OAuth (and how does social login work)?What is a social media API?What is an MCP server?What is the Model Context Protocol (MCP)?