This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Update access token attributes

Posted on 11-17-2017 05:09 AM
Not applicable
Reply posted on --/--/---- --:-- AM

We use https://docs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/oauth2/accesstokens/%7Bacc... to update the access rights of users, which are stored as a attributes. It seems however that it doesn't take effect immediatly. Any idea why, and what we can do to mitigate that problem? We really need the access control to be closer to immediate than what we see today.

0 2 337
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Former Community Member
Not applicable
Reply posted on --/--/---- --:-- AM

Apigee OAuth access tokens are distributed (they can be made available in multiple regions, or multiple AZs within a region or even between multiple gateways within an AZ). Apigee Edge leverages an eventual consistency algorithm to propagate changes between instances. In addition, for performance reasons, some of this information may be cached for some seconds.

It appears you require something as instantaneous as possible (i.e., no caching whatsoever and a single source). Perhaps you should consider some other external data source for these attributes.

0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to Former Community Member
Reply posted on --/--/---- --:-- AM

I'm not talking about "some seconds", but several minutes. In addition to this, it seems that when a new access token is issued using a refresh token, the original attribute values are added to it - not the values updated with the api. There doesn't seem to be an api to update the reefresh token attributes. These two issues makes it hard for us to maintain the access information the way originally recommended by Apigee.

0 Likes