Best practices for keeping your social channels connected
Social channels will need to be refreshed from time to time. While this can be frustrating, it's good to keep in mind that this is normal behavior and is usually the result of the social network making a change to keep your account safe and secure.
Connections between Buffer and your social channels require access tokens, which can expire for a number of reasons, including password changes and explicit lifespans of an access token (dictated by the social networks themselves). This guide aims to provide a deeper knowledge of access tokens, and how and when they might expire, resulting in you needing to refresh a channel.
📝 We'd recommend enabling the "Update Failures" notification so you'll receive an email whenever a post fails to send, which could indicate that your channel's access token has expired. You can do this by clicking your profile avatar at the top right of your dashboard and then clicking on Preferences. From there, select the Notifications tab and toggle the "Update Failures" notification to Enabled. Learn more about Enabling Notifications here.
General guidelines
Regardless of social network, the access token will expire and you will need to refresh your channel under the following circumstances:
- If the username or password of the social channel is changed: Changing your social channel username or password will result in that social network removing Buffer's access to your account, because the original credentials that were used to authenticate the account no longer exist. To correct this, head over to your Buffer dashboard and refresh the channel immediately after changing your username or password.
- If Buffer's access to the social network has been revoked: Each social network has an area where third party apps can be granted authorization to access your account. If Buffer's access is revoked or altered, this will result in the loss of the access token and your social channel will need to be reauthorized. Below you will find links to the area within each social network where third party apps can be granted authorization:
Social network specific guidelines
In addition to the reasons outlined above, each social network also has their own policies on access tokens and when they might expire.
Facebook and Instagram
We have found that Facebook and Instagram accounts connected to Buffer do require refreshing more often than some other social networks. Facebook state that access tokens usually have a lifetime of about 60 days, which means your account will need to be refreshed at that point. The use of words like "usually" and "about" in their policy does make it a little ambiguous, and therefore tricky for us to estimate when your channel might need refreshing. We're sorry we can't provide a more definitive answer on this one.
Below are some of the other reasons an access token may expire:
- You no longer have admin access (for Facebook Pages).
- You are publishing identical posts to several accounts at exactly the same time.
- You are logging into your account from many different IP addresses (for instance, if several folks have the email and password login information for your account).
- You are often logging in and out of several different accounts.
Facebook's policy wording:
User access tokens come in two forms: short-lived tokens and long-lived tokens. Short-lived tokens usually have a lifetime of about an hour or two, while long-lived tokens usually have a lifetime of about 60 days. You should not depend on these lifetimes remaining the same - the lifetime may change without warning or expire early.
X/Twitter
X/Twitter accounts connected to Buffer should not require frequent refreshing, since the access tokens they issue do not have specific lifespans or expiry dates. That said, we do see the access token for X/Twitter channels expiring from time to time, usually due to the X/Twitter channel being suspended due to duplicate content being published, or other spam-like behavior. Learn more about Using X/Twitter with Buffer.
X's/Twitter's policy wording:
Access tokens are not explicitly expired. An access token will be invalidated if a user explicitly revokes an application in the their Twitter account settings, or if Twitter suspends an application. If an application is suspended, there will be a note on the apps.twitter.com page stating that it has been suspended.
LinkedIn channels connected to Buffer will require refreshing every 60 days, since that's the lifespan of the access tokens granted by LinkedIn. Other reasons that an access token from LinkedIn might expire include:
- You no longer have Super Admin access (for LinkedIn pages).
- You are publishing identical posts to several LinkedIn accounts at exactly the same time. Learn more about our Best practices for scheduling content.
LinkedIn's policy wording:
Access Tokens stay valid until the number of seconds returned in the *expires_in field in the API response. A user can go through the OAuth flow on multiple clients (browsers or devices) and simultaneously hold multiple valid access tokens as long as the same scope is requested. If the user requests a different scope than the previously granted scope, then all the previous access tokens are invalidated.
*expires_in — The number of seconds remaining, from the time it was requested, before the token will expire. Currently, all access tokens are issued with a 60 day lifespan.
Pinterest channels connected to Buffer should not require frequent refreshing, since the access tokens they issue do not have specific lifespans or expiry dates.
Pinterest's policy wording:
Your app will call the API to exchange the authorization code for an access token, which is a permanent credential (unless the user revokes your access). You'll use the access token to perform actions on Pinterest on your user's behalf.