Social accounts will become disconnected from time to time. Whilst this can be frustrating, it's good to keep in mind that this is normal behaviour and is usually the result of the social network making a change to keep your account safe and secure.
Connections between Buffer Publish and your social accounts require access tokens, which can expire for a number of reasons, including password changes and explicit lifespans of an access token. This guide aims to provide a deeper knowledge of access tokens, and how and when they might expire, resulting in you needing to reconnect a social account.
📝 We'd recommend enabling the "Update Failures" notification so you'll receive an email whenever a post fails to send, which could indicate that your social account is disconnected. You can do this by clicking your profile avatar at the top right of your dashboard and then clicking on Preferences. From there, select the Notifications tab and toggle the "Update Failures" notification to Enabled.
Regardless of social network, the access token will expire and you will need to reconnect your account under the following circumstances:
- If the username or password of the social account is changed: Changing your social account username or password will result in that social network removing Buffer Publish's access to your account, because the original credentials that were used to authenticate the account no longer exist. To correct this, head over to your Publish dashboard and reconnect the social account immediately after changing your username or password.
- If Buffer's access to the social network has been revoked: Each social network has an area where third party apps can be granted authorization to access your account. If Buffer's access is revoked or altered, this will result in the loss of the access token and your account being disconnected. To correct this, head over to your Publish dashboard and reauthorize the social account. Below you will find links to the area within each social network where third party apps can be granted authorization:
Social network specific guidelines
In addition to the reasons outlined above, each social network also has their own policies on access tokens and when they might expire.
Facebook and Instagram
We have found that Facebook and Instagram accounts connected to Publish do require reconnecting more often than some other social networks. Facebook state that access tokens usually have a lifetime of about 60 days, which means your account will need to be reconnected at that point. The use of words like "usually" and "about" in their policy does make it a little ambiguous, and therefore tricky for us to estimate when your social account might need reconnecting. We're sorry we can't provide a more definitive answer on this one.
Below are some of the other reasons an access token may expire:
- You no longer have Admin access (for Facebook pages).
- You are publishing identical posts to several accounts at exactly the same time. More guidance on this can be found here.
- You are logging into your account from many different IP addresses (for instance, if several folks have the email and password login information for your account).
- You are often logging in and out of several different accounts.
Facebook's policy wording:
User access tokens come in two forms: short-lived tokens and long-lived tokens. Short-lived tokens usually have a lifetime of about an hour or two, while long-lived tokens usually have a lifetime of about 60 days. You should not depend on these lifetimes remaining the same - the lifetime may change without warning or expire early.
Twitter accounts connected to Publish should not require frequent reconnection, since the access tokens they issue do not have specific lifespans or expiry dates. That said, we do see Twitter accounts becoming disconnected from time to time, usually due to accounts being suspended due to duplicate content being published, or other spam-like behaviour. Learn more about the limitations with sharing duplicate content on Twitter here.
Twitter's policy wording:
Access tokens are not explicitly expired. An access token will be invalidated if a user explicitly revokes an application in the their Twitter account settings, or if Twitter suspends an application. If an application is suspended, there will be a note on the apps.twitter.com page stating that it has been suspended.
LinkedIn accounts connected to Publish will require reconnecting every 60 days, since that's the lifespan of the access tokens granted by LinkedIn. Other reasons that an access token from LinkedIn might expire include:
- You no longer have Admin access (for LinkedIn pages).
- You are publishing identical posts to several LinkedIn accounts at exactly the same time. More guidance on this can be found here.
LinkedIn's policy wording:
Access Tokens stay valid until the number of seconds returned in the *expires_in field in the API response. A user can go through the OAuth flow on multiple clients (browsers or devices) and simultaneously hold multiple valid access tokens as long as the same scope is requested. If the user requests a different scope than the previously granted scope, then all the previous access tokens are invalidated.
*expires_in — The number of seconds remaining, from the time it was requested, before the token will expire. Currently, all access tokens are issued with a 60 day lifespan.
Pinterest accounts connected to Publish should not require frequent reconnection, since the access tokens they issue do not have specific lifespans or expiry dates.
Pinterest's policy wording:
Your app will call the API to exchange the authorization code for an access token, which is a permanent credential (unless the user revokes your access). You'll use the access token to perform actions on Pinterest on your user's behalf.