Understanding Delegation Tokens
The delegation token is a compact, encrypted block of data representing the consent information provided by Windows Live ID to your Web site for using a specific set of offers and actions from a resource provider. You provide the delegation token to the resource provider during the invocation of an offer and action from that resource provider, and the resource provider processes the delegation token at that time. Your Web site uses the delegation token whenever it interacts with the resource provider. The delegation token expires quickly, and so it must be refreshed on a regular basis by the Windows Live ID consent service. For more information about using delegation tokens, see Working with Delegation Tokens.
Delegation Token Expiration Dates
Each consent token includes not just a delegation token, but also an expiration date for the delegation token. You should check to see whether the delegation token has expired before you attempt to use the delegation token to interact with a resource provider. If the delegation token has expired, you must refresh the consent token to receive an updated delegation token. For more information about refreshing consent tokens, see Refreshing Consent.
Storing Delegation Tokens
Your Web site could store delegation tokens individually, but we recommend that you store the entire consent token and parse it for the delegation token as needed. Consent tokens may have to be refreshed often, depending on the requirements of the resource provider and the specifications of the Windows Live ID user who granted consent, so storing the consent token as a whole is recommended.