Hi,
I am getting Authorization_code and then get my access code by setting grant_type= "authorization_code". I am getting Access token, Expires_in and token_type values but not getting - refresh_token, refresh_token_expires_in etc values.
I am using policy - OA-GenerateAuthorizationCode which is below
-----------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="OA-GenerateAuthorizationCode">
<DisplayName>OA-GenerateAuthorizationCode</DisplayName>
<ExternalAuthorization>false</ExternalAuthorization>
<Operation>GenerateAuthorizationCode</Operation>
<ClientId>request.formparam.client_id</ClientId>
<ResponseType>request.formparam.response_type</ResponseType>
<Scope>request.formparam.scope</Scope>
<RedirectUri>request.formparam.redirect_uri</RedirectUri>
<UserName>request.formparam.userId</UserName>
<ExpiresIn>700001</ExpiresIn>
<SupportedGrantTypes/>
<Tokens/>
Is any idea what I am missing?
Generate Access token policy is below -
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OA-GrantToken">
<DisplayName>OA-GrantToken</DisplayName>
<Operation>GenerateAccessToken</Operation>
<!-- This is in millseconds, so expire in an hour -->
<ExpiresIn>3600000</ExpiresIn>
<SupportedGrantTypes>
<GrantType>client_credentials</GrantType>
<!-- The below added for Open Id Connect purpose -->
<GrantType>authorization_code</GrantType>
</SupportedGrantTypes>
<GenerateResponse enabled="false"/>
</OAuthV2>
Mention the GrantType attribute,It will work
I am getting expected response when modify - Generate AccessToken policy as below , but which is returning many un wanted fields - such as Developer email, Organization nam etc - which I don't want to display.
Now working Generate AccessToken policy is below
---------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OA-GrantToken">
<DisplayName>OA-GrantToken</DisplayName>
<Operation>GenerateAccessToken</Operation>
<!-- This is in millseconds, so expire in an hour -->
<ExpiresIn>3600000</ExpiresIn>
<RefreshTokenExpiresIn>86400000</RefreshTokenExpiresIn>
<SupportedGrantTypes>
<GrantType>client_credentials</GrantType>
<!-- The below added for Open Id Connect purpose -->
<GrantType>authorization_code</GrantType>
</SupportedGrantTypes>
<GenerateResponse enabled="true"/>
</OAuthV2>
@RejeevChaturvedi as a part of access token generation you will get those fields,if u dont want those fields in you response use a assign message policy for editing you response.
under assign message policy u can set like this
<Set> <Payload contentType="application/json" variableSuffix="#" variablePrefix="@"> { "accessToken": "@accessToken#", "refreshToken": "@refreshToken#", }
</Payload>
</Set>