...
These calls also have to be from back-end to back-end.
User Revocation
The user may choose to revoke the permissions previously granted to your web application. This will invalidate the access token and destroy your refresh token. Any subsequent calls to Betfair using the access token, or any attempt to generate a new one using the refresh token will result in either an INVALID_SESSION exception or UNEXPECTED_ERROR respectively.
Legacy Subscriptions
The way subscriptions are handled for web applications differ greatly from the way they were for desktop based applications. The subscription token model is no longer enforced, however you may still choose to create and manage subscriptions using the existing API calls.
...
The available operations are the following:
getApplicationSubscriptionToken
activateApplicationSubscription
listApplicationSubscriptionTokens
getApplicationSubscriptionHistory
If you do use these calls to manage subscriptions, the token call will return information on the most relevant subscription (i.e. the subscription with the latest expiration date) as part of the application_subscription object.
...