This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Oauth2 refresh token does not work

Posted on 01-31-2018 01:31 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hello;

I have a problem with Oauth2 policy. I use external IdP (Azure) to make authentication and Apigee to reuse the authorization sent by the IdP.

This is the policy that I made but I have a problem, I can not find how include the refresh token into the response

<?xml version="1.0" encoding="UTF-8"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OAuthV2-GenerateAccessToken">
   <DisplayName>OAuthV2-GenerateAccessToken</DisplayName>
   <ExternalAuthorization>true</ExternalAuthorization>
   <Operation>GenerateAccessToken</Operation>
   <SupportedGrantTypes>
      <GrantType>client_credentials</GrantType>
   </SupportedGrantTypes>
   <ReuseRefreshToken>true</ReuseRefreshToken>
   <RefreshToken>gauth_refresh_token</RefreshToken>
   <ExternalAccessToken>gauth_access_token</ExternalAccessToken>
   <StoreToken>true</StoreToken>
   <GenerateResponse enabled="true" />
   <Tokens />
</OAuthV2>
0 1 473
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
davissean
Staff
Reply posted on --/--/---- --:-- AM

The Client Credentials grant type cannot include a refresh token. This is because there is no end user in the flow, so the client would just request a new token.

If you change this to the password grant type, you will receive a refresh token.

Hope this helps!

0 Likes