Solved: Setting ReUseRefreshToken attribute value dependin...

Report Inappropriate Content · 11-15-2018 07:37 AM

Is there a way to set ReUseRefreshToken attribute(true or flase) value in the Oauth policy bdepending on API product custom attributes.

<ReuseRefreshToken >verifyapikey.VerifyClient.apiproduct.tokenReuse</ReuseRefreshToken>.

<ReuseRefreshToken ref="verifyapikey.VerifyClient.apiproduct.tokenReuse"/> ,these options did not work

ssvaidyanathan

Hi @Sampath Ayitha

Unfortunately it cannot be referenced. The easiest is to have two OAuth policies with true and false. Have a condition in your Proxy flow and call it appropriately.

<Step>
  <Name>RefreshAccessToken-Reuse</Name>
  <Condition>verifyapikey.VerifyClient.apiproduct.tokenReuse = true</Condition>
</Step>
<Step>
  <Name>RefreshAccessToken</Name>
  <Condition>verifyapikey.VerifyClient.apiproduct.tokenReuse = false</Condition>
</Step>

View solution in original post

ssvaidyanathan

Hi @Sampath Ayitha

Unfortunately it cannot be referenced. The easiest is to have two OAuth policies with true and false. Have a condition in your Proxy flow and call it appropriately.

<Step>
  <Name>RefreshAccessToken-Reuse</Name>
  <Condition>verifyapikey.VerifyClient.apiproduct.tokenReuse = true</Condition>
</Step>
<Step>
  <Name>RefreshAccessToken</Name>
  <Condition>verifyapikey.VerifyClient.apiproduct.tokenReuse = false</Condition>
</Step>

Report Inappropriate Content

Thanks Sai for you reponse, the same thing we ended up doing. We thought that there would be a better way instead of using two policies.

Setting ReUseRefreshToken attribute value depending on API product custom attributes