Merge pull request #3007 from port-labs/PORT-16690-bug-at-one-time-a-single-jwt-api-token-is-shared-between-different-components

hadar-co · web-flow · commit 108136f6b5b3 · 2025-11-11T15:07:00.000+02:00
add token reuse note
diff --git a/docs/api-reference/port-api.info.mdx b/docs/api-reference/port-api.info.mdx
@@ -47,6 +47,13 @@ To use the API, you need to obtain an API token from your Port application:
     <img src="/img/openapi/getBearerToken.png" width="70%" border="1px" />
     An API token is valid for **3 hours**, after which you will need to generate a new one.
 
+    :::info Active token reuse
+    For each set of API credentials, there can only be one active token at a time.  
+    When a token is generated (for example, by an integration), any subsequent requests to generate a token with the same credentials will return the same active token, as long as it has not expired.
+
+    To avoid errors that might occur due to token expiration, make sure to include retry logic in your code.
+    :::    
+
 ## Size limit
 
 The body of all requests is limited to 1 MiB.
