If you are using Token-based Authentication (TBA) in your primary sandbox and production account, be aware of the following: The Token Key and Token Secret used for TBA are not part of information shared between your primary sandbox and production accounts. The Token Key and Token Secret are deleted in your primary sandbox account after each sandbox refresh, and you must regenerate them on your primary sandbox account. This has no impact on the Token Key and Token Secret used in your production account. The Consumer Key and Consumer Secret are shared between your primary sandbox and production accounts. If you change the Consumer Key or Consumer Secret in your primary sandbox account, auto install automatically changes them in your production account and can break your production account integrations.