Solved: Where do APIGEE stores the refresh tokens

Report Inappropriate Content · 11-04-2015 03:06 PM

So when I migrate all the data {Product, Proxies, Developers, Deverelop Apps, keys} from my old instances to our new APIGEE cluster.

While testing we figure that the refresh token generated by old system is not being recognized on new system. If we do the migration then it will force all of our mobile users to logout.

we tried to verify it by authenticating with the old apigee, and then send an authenticated request to the new apigee using the access token from the old apigee

Please advise if there is any other way to get this achived.

Few details:

Old Apigee version: r22

New Apigee version: 15.01

UPDATE: upgraded APIGEE to 4.15.07

Access token TTL: 30 mins

adas

@Satyajit Roy Choudhury Since R22 is almost 2 years old and since then we have had schema changes in our datastore (by the way refresh tokens are stored in Cassandra), so I am not sure if we can migrate the access tokens, refresh tokens etc. Also from the upgrade perspective, I would suggest you upgrade to 1507 instead of 1501 since there are some known bugs in 1501 software version. Make sure you apply all the 1501 patches that are available.

Regarding the migration of the refresh tokens etc. I would suggest you reach out to the support team, but I don't think there's any feasible option at the moment. From end user perspective, they would have to login to the apps again and generate new access tokens and refresh tokens, which should not change the functionality, except that they would have to go through the oauth flow again.

View solution in original post

adas

@Satyajit Roy Choudhury I am guessing you used to the apigee migrate tool: https://github.com/apigeecs/apigee-migrate-tool/blob/master/README.md

This tool only migrates the following entities:

Developers
Proxies (latest version)
Products
Apps
App Keys
KVM (Org and Env)

It doesn't migrate any of the runtime data like access tokens, refresh tokens, cache, quota counters etc. It mostly makes management api calls to the source org, exports that data and then imports that into the destination org using the management apis. So all runtime data like tokens, counters, cache etc. are not addressed by this tool.

I see that you are migrating from r22 to 15.01, so please work with our support team if you need more details around this.

Report Inappropriate Content

@arghya das Thanks for the response. yes I am using apigee-migrate-tool. I can work with support but is it something feasible by any means ?

Thanks again for your response.

adas

@Satyajit Roy Choudhury Since R22 is almost 2 years old and since then we have had schema changes in our datastore (by the way refresh tokens are stored in Cassandra), so I am not sure if we can migrate the access tokens, refresh tokens etc. Also from the upgrade perspective, I would suggest you upgrade to 1507 instead of 1501 since there are some known bugs in 1501 software version. Make sure you apply all the 1501 patches that are available.

Regarding the migration of the refresh tokens etc. I would suggest you reach out to the support team, but I don't think there's any feasible option at the moment. From end user perspective, they would have to login to the apps again and generate new access tokens and refresh tokens, which should not change the functionality, except that they would have to go through the oauth flow again.

Report Inappropriate Content

@arghya dasThanks I reached out to support for the same. Waiting for there response. I also considered upgrading Apigee to 4.15.07.

akashtp

@arghya das Is it possible to get a list of all refresh tokens and their attributes via an API call?