Skip to content

Auth Token Lifecycle Workflow

Fresh

Overview

This workflow covers the complete Bearer Token lifecycle — from initial sign-in through automatic refresh to error recovery.

Sequence Diagram

Decision Flow

Implementation Pattern

python
import time
import requests

class MultiloginAuth:
    def __init__(self, email, password):
        self.email = email
        self.password = password
        self.token = None
        self.token_time = 0
        self.base_url = "https://api.multilogin.com"

    def sign_in(self):
        resp = requests.post(f"{self.base_url}/user/signin", json={
            "email": self.email,
            "password": self.password
        })
        data = resp.json()
        self.token = data["data"]["token"]
        self.token_time = time.time()

    def get_token(self):
        # Refresh proactively at 25 min (before 30 min expiry)
        if not self.token or (time.time() - self.token_time) > 1500:
            if self.token:
                try:
                    self._refresh()
                except Exception:
                    self.sign_in()
            else:
                self.sign_in()
        return self.token

    def _refresh(self):
        resp = requests.post(f"{self.base_url}/user/refresh_token",
            headers={"Authorization": f"Bearer {self.token}"})
        data = resp.json()
        self.token = data["data"]["token"]
        self.token_time = time.time()

Key Rules

Token Lifetime

Regular tokens expire after 30 minutes. Always refresh at the 25-minute mark to avoid mid-request failures.

Automation Token

For automated workflows, use the automation token — it has higher rate limits and a longer lifetime.

See Also