At a glance
Days remaining until the merchant’s Australia Post API credentials (Shipping & Tracking API key, eParcel customer-account secret, or MyPost Business OAuth token) expire. When the count hits zero the connector silently stops fetching new shipments and tracking events; KPIs across On-Time Delivery Rate, Late Shipments, and Exception Rate all freeze at last-good values.
| What it counts | expiry_at - now in calendar days for the active credential. For OAuth-based connections, the effective figure is the refresh-token expiry, not the access-token rotation (which auto-renews silently). |
| API endpoint | Computed locally from the stored credential metadata, not fetched from Australia Post. The credential’s expires_at is recorded at OAuth handshake or API-key provisioning time and stored in the connector configuration. |
| Service-tier scope | Single credential covers all services on the merchant’s Australia Post account. eParcel and StarTrack accounts have a single API key per merchant code; MyPost Business uses OAuth with a refresh-token typically valid 6 months. |
| Geographic OTD variance | n/a (credential-level, not consignment-level). |
| Returns / RTO | n/a. |
| Climate handling | n/a. |
| Peak-period seasonality | Common merchant failure mode: the integration was set up in October pre-BFCM, the 6-month token expires mid-April, the merchant misses the alert and Australia Post data goes silent right when post-Easter operations are critical. |
| Time window | RT (real-time). |
| Alert trigger | <14 days. 14 days gives operations time to coordinate a re-auth without panic; 7 days is critical. |
| Roles | owner, operations |
Calculation
Calculated automatically from your Australia Post data. See the At a glance summary above for what the metric tracks and the worked example below for a typical reading.Worked example
The Brisbane outdoor adventure brand. Reading taken at 09:00 AEDT on 12 Mar 26. The Australia Post connector was set up on 27 Sep 25 with a MyPost Business OAuth token (6 month refresh-token validity).| Field | Value |
|---|---|
| Credential type | MyPost Business OAuth refresh-token |
| Granted at | 27 Sep 25 |
| Expires at | 27 Mar 26 |
| Days remaining | 15 |
| Alert threshold | <14 days |
- The token will expire mid-financial-year-end-prep. The merchant is in the run-up to the Australian end-of-financial-year (30 Jun) and runs a major April stocktake-clearance promotion. A silent connector for even 48 hours during that window means missing OTD alerts and missing Late Shipments counts; the operations team would not see degradation until customers complain.
- The re-auth is a 5-minute click. OAuth refresh requires the merchant owner to log into MyPost Business, navigate to Vortex IQ Connections, click “Re-authorise”. The card does not auto-renew because Australia Post requires owner-initiated consent on refresh-token expiry.
- The connector calendar reminder. The healthy pattern is to set a recurring 5-month calendar reminder on initial setup; do not rely on the alert at 14 days alone, which can be missed during peak.
Sibling cards merchants should reference together
| Card | Why pair it with Token Expiry | What the combination tells you |
|---|---|---|
| API Error Rate | First sign of an expiring credential. | Error rate creeping up on a previously-stable connection often signals approaching token expiry; both should be watched together. |
| Label Generation Success | Customer-facing impact. | Failed labels block fulfilment workflow; an expired token means zero successful labels. |
| Shipments | Volume sanity check. | A flatlined shipment count after a normally-active period is the visible symptom of an expired credential. |
| On-Time Delivery Rate | Downstream signal freeze. | OTD readings stop updating when the connector is dark. |
Cross-connector: any other connector’s *_auth_token_expiry_days | Same pattern. | Operations team should review all carrier credentials together monthly. |
Reconciling against the vendor’s own dashboard
Where to look in Australia Post’s own portal: MyPost Business → Account → API Credentials for OAuth-based connections, or Australia Post Developer Portal → My Account → API Keys for direct-API customers (eParcel, StarTrack). Both surface the credential expiry alongside scopes. Why our number may legitimately differ from Australia Post’s report:| Reason | Direction | Why |
|---|---|---|
| Timezone (AEDT/AWST) | Boundary day | Australia Post records expiry in account timezone; card stores UTC. Within 24 hours either way the two should match; a 1-day boundary is normal. |
| Refresh-token vs access-token | Card shows refresh, portal sometimes shows access | OAuth has two tokens: a short-lived access token (typically 1 hour) and a long-lived refresh token (typically 6 months). The card shows the meaningful one (refresh); the portal sometimes shows the access-token rotation timestamp. |
| Re-auth not yet propagated | Portal earlier | After the merchant re-auths, the card may show the new expiry within 5 to 30 minutes of the next sync; the portal updates immediately. |
| Card | Expected relationship | Causes of legitimate divergence |
|---|---|---|
Other connector *_auth_token_expiry_days | Independent. | Each connector has its own credential lifecycle. |
Known limitations / merchant FAQs
The alert just fired at 14 days. What do I do? Click “Re-authorise” in the Vortex IQ Australia Post connector. For OAuth-based MyPost Business connections this triggers a redirect to MyPost where the owner logs in and approves; the new refresh-token is captured automatically. For direct-API eParcel customers, regenerate the API key in the Developer Portal and paste it into Vortex IQ. Total time: 2 to 5 minutes. Can the connector auto-renew? Access tokens auto-renew silently every hour using the refresh token. The refresh token itself cannot auto-renew; Australia Post (and most OAuth providers) require owner-initiated consent on refresh-token expiry as a security control. The card surfaces this required human action. Why didn’t the connector renew quietly in the background? Two reasons: (1) Australia Post’s MyPost Business OAuth refresh tokens have a hard expiry (typically 6 months) regardless of activity. (2) eParcel and StarTrack API keys are time-bound credentials that the merchant explicitly rotates. Both are intentional security postures, the card’s purpose is to give 14 days of warning. What happens if I miss the renewal window? Day 0: connector stops fetching. Day 1+: KPIs across all Australia Post cards freeze at last-good values. Customer-facing impact: none directly (Australia Post still ships labels printed before expiry); Vortex IQ-facing impact: no new alerts on OTD drops, late-shipment surges, or claim escalations until re-auth. Re-auth restores normal operation within 1 sync cycle (5 to 60 minutes depending on plan). My calendar reminder is for 5 months out. Is that enough? Yes if you set it on initial setup; combined with the 14-day in-app alert that gives two reminders. If you set up multiple connectors, consider monthly “credential health” review including all*_auth_token_expiry_days cards.
The card shows 89 days but my Australia Post portal shows 91 days. Why?
Timezone offset. Australia Post records the credential expiry in your account timezone (AEDT/AWST/ACST); the card stores UTC. AEDT is UTC+11; the boundary date can shift by a calendar day. On a 90-day countdown the difference is rounding, not a real gap.
I have multiple Australia Post accounts (eParcel + MyPost). Why do I see one number?
Each Australia Post integration in Vortex IQ has its own card instance. If you have eParcel and a separate MyPost Business connection, you should see two Days to Token Expiry cards (one per integration). If you see one, only one is connected; check the Connections page.
Re-auth requires owner login. What if my Australia Post owner is on leave?
Pre-empt by setting up a second admin user on MyPost Business. Australia Post supports multiple users per merchant code; the OAuth handshake can be done by any admin. Best practice: at least two admins with API permissions, and document who owns the credential renewal.