The documentation says that, by default, access tokens are purged from Cassandra after 180 days.
Note: By default, expired access tokens are purged from the Apigee Edge system automatically 180 days after expiration. See also Purging access tokens.
But refresh tokens by default never expire, and the refresh and access tokens are stored in the same Cassandra record.
Does that mean that the 180 day purge applies only to the access token's expiration (and thus the infinite refresh token is deleted)? Or does the purge also account for the refresh_token_expires_at, meaning that it never would purge tokens in the default setting?
I don't see any details on this in the Operations Guide.
We're using OPDK 4.15.07.00.
Hi @Eric Dahl
As mentioned in the docs, if the access token and refresh token are not set with the values <ExpiresIn> and <RefreshTokenExpiresIn> respectively, by default, then it will never be purged.
You can update purge settings as follows - (available in the docs)
<ExpiresIn>1000</ExpiresIn> <RefreshTokenExpiresIn>10000</RefreshTokenExpiresIn>
POST https://<host-name>/v1/organizations/<org-name>
Payload:
<Organization name="AutomationOrganization"> <Description>Desc</Description>
/opt/apigee/apigee-service/bin/apigee-service edge-message-processor restart
This API sets the token purge property to true for the organization called AutomationOrganization. In this case, the access token will be purged from the database 120 seconds after both the token and refresh token expire.
Note: Only tokens that are generated after this procedure is applied will be purged. Tokens generated before this procedure is applied will not be purged.
Thanks.
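A static check that follows from the answer above, as an added example (not part of the original thread and not Apigee tooling): it scans OAuthV2 policy XML for token-issuing policies that lack a finite <ExpiresIn> or <RefreshTokenExpiresIn>, which per the answer would leave tokens that are never purged. The sample policies, file names and function names are constructed; the set of operations checked and the treatment of a `ref` attribute as acceptable are assumptions.

```python
import xml.etree.ElementTree as ET

# Assumption: these are the OAuthV2 operations that issue tokens worth auditing.
ISSUING_OPS = {"GenerateAccessToken", "RefreshAccessToken"}
EXPIRY_ELEMENTS = ("ExpiresIn", "RefreshTokenExpiresIn")

def has_finite_expiry(policy, tag):
    """True if <tag> holds a positive literal or a ref to a flow variable."""
    el = policy.find(tag)
    if el is None:
        return False
    if el.get("ref"):  # resolved at runtime, so it cannot be judged statically
        return True
    text = (el.text or "").strip()
    return text.isdigit() and int(text) > 0  # blank, 0 and -1 all fail here

def audit_policy(xml_text):
    """Return the expiry elements a token-issuing OAuthV2 policy is missing."""
    policy = ET.fromstring(xml_text)
    if policy.tag != "OAuthV2":
        return []
    op = (policy.findtext("Operation") or "").strip()
    if op not in ISSUING_OPS:
        return []
    return [t for t in EXPIRY_ELEMENTS if not has_finite_expiry(policy, t)]

def audit_bundle(policies):
    """Map policy file name -> missing elements, only for policies with findings."""
    results = {name: audit_policy(xml) for name, xml in policies.items()}
    return {name: missing for name, missing in results.items() if missing}

# Constructed sample policies; the 1000 / 10000 values mirror the answer above.
SAMPLE_POLICIES = {
    "GenerateToken-Both.xml": '<OAuthV2 name="a"><Operation>GenerateAccessToken</Operation>'
        '<ExpiresIn>1000</ExpiresIn><RefreshTokenExpiresIn>10000</RefreshTokenExpiresIn></OAuthV2>',
    "GenerateToken-NoRefreshExpiry.xml": '<OAuthV2 name="b">'
        '<Operation>GenerateAccessToken</Operation><ExpiresIn>1000</ExpiresIn></OAuthV2>',
    "RefreshToken-Defaults.xml": '<OAuthV2 name="c">'
        '<Operation>RefreshAccessToken</Operation></OAuthV2>',
    "VerifyToken.xml": '<OAuthV2 name="d"><Operation>VerifyAccessToken</Operation></OAuthV2>',
}

if __name__ == "__main__":
    for name, missing in audit_bundle(SAMPLE_POLICIES).items():
        print(f"{name}: no finite {', '.join(missing)}; tokens may never be purged")
```
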