{ Community }
  • Academy
  • Docs
  • Developers
  • Resources
    • Community Articles
    • Apigee on GitHub
    • Code Samples
    • Videos & eBooks
    • Accelerator Methodology
  • Support
  • Ask a Question
  • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Topics
    • Questions
    • Articles
    • Ideas
    • Leaderboard
    • Badges
  • Log in
  • Sign up

Get answers, ideas, and support from the Apigee Community

  • Home /
  • Edge/API Management /
avatar image
0
Question by aagrawal · Feb 15, 2017 at 08:27 PM · 227 Views management apiaccesstokenrevoke

Apigee Management api to revoke access token by end user Id is not working consistently

When I try to revoke all the access token issued to a user using the management API (https://docs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/oauth2/revoke), I have found that its behaviour is pretty flaky.


I understand that we get 202 in response which means that the request to revoke access token has been accepted, and it takes some time to process. Many times all the access tokens are revoked within few seconds and sometimes none is revoked.

Thanks

Comment
Add comment Show 5
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Alex Koo ♦♦   · Feb 20, 2017 at 03:44 AM 0
Link

Hello @aagrawal, this looks to be a product functionality concern. Have you considered opening a Support ticket? We can get more details to understand the situations where access tokens are not getting revoked.

avatar image Sai Saran Vaidyanathan ♦ Alex Koo ♦♦   · Feb 20, 2017 at 07:10 AM 0
Link

+1 on @Alex Koo' comments. Is this behavior consistent ? Did you make the GET call to see if the tokens exist ? We will need more info to investigate. I would also recommend you to open a support ticket

avatar image aagrawal Sai Saran Vaidyanathan ♦ · Feb 20, 2017 at 08:00 PM 0
Link

Thanks @Alex Koo and @Sai Saran Vaidyanathan for your quick response. The behaviour is pretty inconsistent. Sometimes it revokes immediately and sometimes it takes forever, sometimes it revokes the access token, but not the associated refresh token. That I have confirmed by making the GET calls on the access tokens.

I have already raised a support ticket, but thought that community will also be a great platform to address my issue.

Show more comments
avatar image Shrenik Kumar Desai · Jul 03, 2018 at 12:09 PM 0
Link

@Abhishek Tiwari

@Alex Koo

We face some similar issue, we've two platforms:

1. On-premises(used for Dev & Testing ENVs):

a) It works fine here, consistently revokes the tokens are recooked within few seconds of an enduserId.

And

b) GET call works fine here.

2. Private cloud(used for higher ENVs):

a)It works fine inconsistently and revocation takes longer than On-premises case(much longer, >15mins)

b)Sometimes it doesn't work at all and we get below error:

{ "code": "datastore.ErrorWhileAccessingDataStore", "message": "Error while accessing datastore;Please retry later", "contexts": [] }

However GET call for the same userId works.

Note: One important difference is that the issue where we see(2nd platform) is used for performance tests where we've millions of access_tokens created for an userId(which have long expiry like 6months)- could this be reason for 2.b?

Close

0 Answers

  • Sort: 

Follow this Question

Answers Answers and Comments

46 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Management API revoking access tokens by End User ID and App ID is not working properly 1 Answer

How to revoke Access Tokens except a Access Token sent by request 1 Answer

In an OAuthV2 policy with InvalidateToken, can the cascade param reference a flow variable? 1 Answer

Manage Private Cloud with REST APIs,Apigee Private Cloud REST APIs for management 1 Answer

Management APIs allow to add permission to resources that do not exist 1 Answer

  • Products
    • Edge - APIs
    • Insights - Big Data
    • Plans
  • Developers
    • Overview
    • Documentation
  • Resources
    • Overview
    • Blog
    • Apigee Institute
    • Academy
    • Documentation
  • Company
    • Overview
    • Press
    • Customers
    • Partners
    • Team
    • Events
    • Careers
    • Contact Us
  • Support
    • Support Overview
    • Documentation
    • Status
    • Edge Support Portal
    • Privacy Policy
    • Terms & Conditions
© 2019 Apigee Corp. All rights reserved. - Apigee Community Terms of Use - Powered by AnswerHub
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Create an article
  • Post an idea
  • Spaces
  • Product Announcements
  • General
  • Edge/API Management
  • Developer Portal (Drupal-based)
  • Developer Portal (Integrated)
  • API Design
  • APIM on Istio
  • Extensions
  • Business of APIs
  • Academy/Certification
  • Analytics
  • Events
  • Hybrid
  • Integration (AWS, PCF, Etc.)
  • Microgateway
  • Monetization
  • Private Cloud Deployment
  • Insights
  • IoT Apigee Link
  • BaaS/Usergrid
  • BaaS Transition/Migration
  • Apigee-127
  • New Customers
  • Explore
  • Topics
  • Questions
  • Articles
  • Ideas
  • Members
  • Badges