Solved: When do refresh tokens expire?

Report Inappropriate Content · 09-20-2016 04:51 PM

The docs say that refresh tokens expire, by default, in a system-specified default.

What is that default value and where is it configured? I see these properties scattered around:

$ grep -ri refresh * 2>/dev/null | grep expi
ingest-server/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1
management-server/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1
message-processor/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1
postgres-server/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1
qpid-server/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1
router/keymanagement.properties:oauth_refresh_token_expiry_time_in_millis=-1

Is that the right property? Does that mean that they never expire? Which file would we need to update?

We're using OPDK 4.15.07.00

Report Inappropriate Content

Hello @Eric Dahl,

Great Question..!

Yes, you are right. The value specified in parameter "oauth_refresh_token_expiry_time_in_millis" at config file "keymanagement.properties" defines the expiry time of the refresh token.

The value "-1" specifies the expiry time is infinite.

Hope this helps.!

View solution in original post

Report Inappropriate Content

Hello @Eric Dahl,

Great Question..!

Yes, you are right. The value specified in parameter "oauth_refresh_token_expiry_time_in_millis" at config file "keymanagement.properties" defines the expiry time of the refresh token.

The value "-1" specifies the expiry time is infinite.

Hope this helps.!

Report Inappropriate Content

Also, does Apigee eventually remove these expired refresh tokens from Cassandra?