Not, Sorry. I have been trying to identify vulnerabilities associated with Session fixation and if the API updates the access token after an excessive timeout.Therefore I have checked the user's access token from the network traffic.