# Managing access tokens (LINE Login v2.0)
The access tokens managed through the LINE Login API verifies that an app has been granted permission to access user information (such as user IDs, display names, profile images, and status messages) saved on the LINE Platform.
This topic explains how to manage access tokens using LINE Login v2.0 endpoints.
This is an older version (v2.0) of the documentation.
To learn how to do this using the latest version of LINE Login (v2.1), see Managing access tokens.
# Get the user's access token
An access token is returned by the LINE Platform once user authentication is complete.
At this point, you can assume the app has permission to access user information.
To learn more, see:
An access token is valid for 30 days after being issued. Any response with an access token also includes the number of seconds until the token expires in the
# Refresh tokens
A refresh token is returned along with an access token once user authentication is complete.
When an access token expires, you can use a refresh token to get a new one.
To learn more, see Refresh access token in the LINE Login v2.0 API reference.
A refresh token is valid for up to 90 days after its corresponding access token was issued.
If the refresh token expires, you must prompt the user to log in again to generate a new access token.
# Verify access tokens
Verify any access token that you receive from an app or external server before using it on your own servers.
To learn more, see Verify access token validity in the LINE Login v2.0 API reference.
When the LINE Login API successfully verifies an access token, its response contains a
client_id property (the channel ID) and an
expires_in property (the amount of time until the token expires). Make sure that these properties satisfy the following criteria before you use the access token.
| ||Channel ID of the LINE Login channel linked to your app|
| ||A positive value|