Can someone please give me a definitive answer for the lifetime of a Customer Access Token? (I am generating one with multipass). It seems to be around 11 days but I'm wondering why this isn't documented anywhere
Also: there I've searched through many threads but have not found a conclusive answer: are there best practices for securely storing the customerAccessToken?
I'm working on an enterprise app where we're considering creating a proxy service that enables us to store the token as a HTTP only cookie. Am wondering if this is overfkill