Transfer Custom Attributes From Expired Access Token to New Access Token

Not applicable

If I have an expired access token with custom attributes and I'm trying to use my refresh token to exchange for a new access token, is there any way I can transfer the custom attributes of the expired access token to the newly generated access token?

As far as I know, custom attributes can't be bound to a refresh token and a RefreshAccessToken request doesn't actually pass in the expired access token for you to look up the custom attributes.

Solved Solved
0 6 570
1 ACCEPTED SOLUTION

Hi @Edward,

I guess the custom attribute is bound to refresh token as well as I have tested this scenario where in I am setting the custom attribute while generating access token for the first time along with refresh token and when I am using the refresh token to generate the new access token I am able to retrieve the custom attribute from the new access token too.

View solution in original post

6 REPLIES 6

Hi @Edward,

I guess the custom attribute is bound to refresh token as well as I have tested this scenario where in I am setting the custom attribute while generating access token for the first time along with refresh token and when I am using the refresh token to generate the new access token I am able to retrieve the custom attribute from the new access token too.

I tested it myself to confirm and that is indeed the case!

adas
Participant V

@Edward the custom attributes should be set when you generate the refresh token for your access token. I will try it out and confirm but as far as I remember it should work out of the box. Incase it doesn't, here's what you can do:

- use getoauthinfo policy to get the attributes

- generate a new token using the refresh token

- use the setoauthinfo policy to set the atteibutes if its not set already.

This approach should work, however it might be a little expensive since it involves multiple calls to the token store to get, set these attributes.

Not applicable

@GargiTalukdar, @Edward,

Hi,

Was your use case involved updating the value of the custom attribute from AccessToken to New Access Token ?

I meant, lets say I have a parameter X, which I set to "5" while generating the access token. But in the refresh access token, I would like to update the value of parameter X to "6".

Did you try that out ?

You could do that with a Set OAuth V2 Info policy in the flow for refreshing an access token. The default behaviour seems to be to just copy over all the old custom attributes to the new access token.

I tried updating the attribute while generating refresh token in the Oauthv2 policy itself , but it seems we cannot update the attribute value in the Oauthv2 policy. As mentioned by @Edward, we need to use Set Oauth V2 policy to update the attribute while generating refresh token.