Hi
I need to
1. Use externally created AccessToken and RefreshToken.
2. In first pass
3. In second pass
3a. Alternative
I've also tried using RefreshToken instead of revoke and generate
but it fails with error invalid_request
Please help.
Thanks
Vi
I don't understand. Which token are you revoking? After you revoke a token, VerifyAccessToken should reject the token, right? You're not expecting the revoked token to be validated, are you?
If you have separate access tokens, the VerifyAccessToken on the 2nd access token is independent of the revoke on the first token.
This flow works:
I think you need to get RefreshToken working correctly, if you want to refresh a token.
Also, you may need to skip the Revoke token step; if you set the token expiry correctly, then you can let the token expire naturally. No need to explicitly revoke it.
User | Count |
---|---|
7 | |
2 | |
2 | |
2 | |
1 |