This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Force an Oauth 2.0 token to expire

Posted on 06-06-2017 07:05 AM
Not applicable
Reply posted on --/--/---- --:-- AM

I have a token generated using an OAuthV2 policy:

<OAuthV2 name="OAuthV2.GenerateAccessToken" continueOnError="false">
<Operation>GenerateAccessToken</Operation>
   <ExpiresIn ref="flow.expirationTime">3600000</ExpiresIn>
....
.... 
   <Attributes> 
      <Attribute name="attr1" ref="request.formparam.attr1" display="true"/> 
      <Attribute name="attr2" ref="request.formparam.attr2" display="true"/> 
   </Attributes> 
</OAuthV2>

The token is binded with 2 attributes and expires after 3600 seconds.

Under certain conditions on attr1 and attr2 I want to force the token to expire before the real expiration time.

There is some way to do this inside a proxy or the only way is revoke the token using management API:

http://docs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/oauth2/accesstokens/%7Bacce...

Solved Solved
0 2 3,131
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
willwitman
Staff
Reply posted on --/--/---- --:-- AM

Hi @aatth1 - I don't think you can change the expiration of an existing token. As you probably found, the SetOAuthV2 policy does not allow you to change the expiration. Here's another answer I found that might help you that involves a possible workaround (which I've never tried myself):

https://community.apigee.com/questions/1994/is-there-a-way-to-update-expiry-time-of-an-existin.html

I hope that helps,

Will

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
willwitman
Staff
Reply posted on --/--/---- --:-- AM

Hi @aatth1 - I don't think you can change the expiration of an existing token. As you probably found, the SetOAuthV2 policy does not allow you to change the expiration. Here's another answer I found that might help you that involves a possible workaround (which I've never tried myself):

https://community.apigee.com/questions/1994/is-there-a-way-to-update-expiry-time-of-an-existin.html

I hope that helps,

Will

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to willwitman
Reply posted on --/--/---- --:-- AM

Thanks , this is what I was looking for.

In my case maybe I can just invalidate the token using the InvalidateToken operation.

But the workaround solution to modify the expiration time looks good to me.

Antonio

Jump to Solution
0 Likes