The primary method for creating a customer-specific Bearer token is the Authorization Code grant type. This is the standard 3-legged OAuth used in many web applications. It is considered one of the most secure methods of getting a token. All Zebra Bearer tokens last for one hour but can be refreshed using the previous token.