API access tokens are short-lived credentials used to authenticate and authorize API requests. They are included in request headers to grant access to protected resources without requiring user credentials each time. To enhance security, they must have expiration times and require renewal through refresh tokens.
If cached authentication information is out of date, the validity of the authentication information may be questionable.
Check
Verify API access tokens are configured to expire according to organizational defined parameters.
If API access tokens are not configured to expire according to organizational defined parameters, this is a finding.
Fix
Build or configure API access tokens to expire according to organizational defined parameters.