This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Access Token Expiry time Max limit

Posted on 05-03-2017 11:09 AM
kumudgautam-1
New Member
Reply posted on --/--/---- --:-- AM

Hi,

Is there a max limit to set for Access token expiry in "GenerateAccessToken" policy, for client credential grant type?

Say, I need to set my access token life to 24 hours, can i do that?

I tried adding below:

	<ExpiresIn>86400000</ExpiresIn>

But it didn't work. The token i received had below value:

	"expires_in": "86399",

What gives?

Thanks,

Kumud

Solved Solved
1 2 3,175
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

I think it did work.

The way Apigee returns the values might be confusing. For sure it was confusing for me when I first saw it.

The confusing part is the input - the ExpiresIn value - must be specified in milliseconds.

The output - the "expires_in" property on the response payload - is specified in seconds.

And there is a fudge factor we include, so 86399 is .... a "floor".

The number of seconds in 24 hours, is 86400; Apigee sends back 86399 for safety. In case the app does pro-active token refresh.

To answer the question you posed in the title : is there a max limit?

I don't know. But if there is a limit, it is much higher than 24 hours, which means you cannot possibly be running into that limit, if you are setting a 24-hour lifetime on your tokens.

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

I think it did work.

The way Apigee returns the values might be confusing. For sure it was confusing for me when I first saw it.

The confusing part is the input - the ExpiresIn value - must be specified in milliseconds.

The output - the "expires_in" property on the response payload - is specified in seconds.

And there is a fudge factor we include, so 86399 is .... a "floor".

The number of seconds in 24 hours, is 86400; Apigee sends back 86399 for safety. In case the app does pro-active token refresh.

To answer the question you posed in the title : is there a max limit?

I don't know. But if there is a limit, it is much higher than 24 hours, which means you cannot possibly be running into that limit, if you are setting a 24-hour lifetime on your tokens.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
kumudgautam-1
New Member
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Thanks Dino!

Yes i realized it later that response is in seconds 🙂

Jump to Solution
0 Likes