This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Can we retry verifyaccesstoken policy in apigee hybrid?

Posted on 11-17-2023 02:31 PM
kishorecse
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

We have a token validation issue in our active/active apigee hybrid environment. we have two clusters in two different environments that load balances. we have tokens generated in one data center and the validation happening in other data centers when there are token sync latency issues between two data centers. 

is there a way to retry verifyaccesstoken  policy after few milliseconds after it fails and continue with the same flow?

0 2 107
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
SanketK
Staff
Reply posted on --/--/---- --:-- AM

Hi @kishorecse ,

Have you tried specifying the ExpiresIn element as mentioned here: https://docs.apigee.com/api-platform/reference/policies/oauthv2-policy#accesstokenelement 

This would not help with a retry but give enough time for the original request to succeed cross region.


Kind Regards,

SanketK

0 Likes

Posted on --/--/---- --:-- AM
kishorecse
Bronze 1
Bronze 1
In response to SanketK
Reply posted on --/--/---- --:-- AM

Sorry, this actual oauth token is generated externally which is a call from apigee to idp that gets the token and stores in apigee. basically these are third party generated tokens.  We then use apigee to validate the token in business api call. Does this solution still valid? how does this help with verifyaccesstoken policy if it works.  Does the verify access token waits for expires in seconds to validate the token in case if it couldn't find the token in other DC in first attempt? or does this wait for expiresin time all the time for verify token policy?  The problem we have is with verifyaccesstoken in cross region hybrid environment.

0 Likes