5

In Braintree, When I generate a client token with a $customerId, how reliable is it to save that client token to database and re-use it later on?

I always have a user corresponding to a $customerId and it would greatly reduce the number of calls to Braintree if I could re-use the token.

Does the token ever expire? There is no mention of that in the official docs.

Thanks a lot!

Pavel Denisjuk
  • 1,475
  • 12
  • 13
  • 1
    > The client token is not intended to be reused and will be revoked if a > single client token is used multiple times in a short time span. Can anybody find information about this in the Braintree documentation? There is [nothing about it here](https://developers.braintreepayments.com/reference/request/client-token/generate/php), nor in the page that Kathryn Exline linked above. – Scott Phillips May 15 '17 at 15:45

3 Answers3

7

Full disclosure: I work as a developer for Braintree

The client token is not intended to be reused and will be revoked if a single client token is used multiple times in a short time span. You can read more about the client token in this part of the Braintree documentation. ​

Kathryn Exline
  • 417
  • 2
  • 7
  • 1
    is it ok to reuse the client token in the sandbox environment? – Arthi Jan 25 '17 at 18:41
  • Is it still is the case in 2022. Braintree documentation (https://developer.paypal.com/braintree/docs/guides/authorization/overview) states that it is reusable upto 24 hours, Deactivation - At Braintree's discretion prior to JWT expiration (what this means?) – oneworld Aug 10 '22 at 18:07
2

This was a thing before 2019. In 2019 they changed the client token behavior so now it is granted for 24 hours and can be reused unless it was granted for specific CustomerId https://www.braintreepayments.com/blog/changes-to-client-tokens-are-coming/

Artem Nizelnyk
  • 21
  • 1
0

The client token is a JWT. You'll need to base64 decode, to view the authorizationFingerprint. Then, split the authorizationFingerprint using ".", as the delimiter, and base64 decode the [1] position of the resulting array, and you'll see the "exp" param.

James Bowler
  • 2,194
  • 2
  • 17
  • 23