OAuth default purging process

We are looking at modifying the OAuth purge time frame described in this documentation https://docs.apigee.com/api-platform/reference/policies/oauthv2-policy#purgingaccesstokens-updatingp... . We want to make sure we understand the ramifications of modifying this setting. On the surface there doesn't seem to be any reason to store an expired token, so we're not sure why the default purge policy is 180 days. Is there any reason why we would want to keep an expired token in the Cassandra tables? It seems the default should be to delete the token once it is expired, or within minutes of it being expired. Any insight on this would be helpful.

Thanks.

ACCEPTED SOLUTION

Hi Steve,

OAuth tokens are stored in Cassandra tables as individual rows. There is a column indicating the TTL of the token, and the tokens are basically deleted from the tables 180 days after the expiry of the access token or the refresh token (if one exists).

You raised a good point that 180 days is a long time to keep expired data. This is indeed too long for the average user of Apigee, and should be reduced if you generate lots of OAuth tokens, as it will bring considerable disk space savings.

The only ramification of deleting expired OAuth tokens is that some users have security requirements where expired OAuth tokens need to be traceable by end-user ID or app ID. For example, in the event of an attack or privacy breach that happened in the past, you may want to trace who issued a particular token and what they accessed with it.

There is also a 10-day period before deleted rows actually get purged from disk. Deleted rows in Cassandra are called tombstones and get deleted after the gc_grace period expires.

Mark

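As an added illustration (not Apigee's code and not part of this thread), here is a small Python model of the row lifecycle the accepted answer describes: a token row stays readable until a purge delay after the later of the access-token and refresh-token expiry (180 days by default, per the answer), is then deleted as a Cassandra tombstone, and the tombstone is compacted away after the gc_grace period (10 days, per the answer). It lets you check the two sides of the trade-off before changing the setting: whether a token record is still traceable when an incident is investigated N days later, and roughly how many rows the table carries at steady state. The day counts, the constructed issuance rate and dates, and the `purge_delay_days` parameter are assumptions of this model; the Apigee property that actually changes the purge delay is not named in this thread and is not modelled here.

```python
from datetime import datetime, timedelta, timezone
from enum import Enum

# Added illustration, not Apigee code. Models the lifecycle described in the
# answer: readable for purge_delay_days after expiry (default 180 per the
# answer), then a tombstone for gc_grace_days (10 per the answer), then gone.
DEFAULT_PURGE_DELAY_DAYS = 180
GC_GRACE_DAYS = 10


class RowState(Enum):
    VALID = "valid"                        # token still usable
    EXPIRED_RETAINED = "expired_retained"  # unusable, row still readable for forensics
    TOMBSTONED = "tombstoned"              # deleted; tombstone on disk, invisible to reads
    GONE = "gone"                          # compacted away, nothing left to trace


def row_expiry_days(access_ttl_days, refresh_ttl_days=None):
    """Expiry that starts the purge clock: the later of access and refresh expiry."""
    return max(access_ttl_days, refresh_ttl_days or 0)


def row_state(days_since_expiry, purge_delay_days=DEFAULT_PURGE_DELAY_DAYS,
              gc_grace_days=GC_GRACE_DAYS):
    """State of the token row a given number of days after its expiry."""
    if days_since_expiry < 0:
        return RowState.VALID
    if days_since_expiry < purge_delay_days:
        return RowState.EXPIRED_RETAINED
    if days_since_expiry < purge_delay_days + gc_grace_days:
        return RowState.TOMBSTONED
    return RowState.GONE


def traceable(days_since_expiry, purge_delay_days=DEFAULT_PURGE_DELAY_DAYS):
    """True if an investigator can still read the row (who got the token, which app).
    A tombstoned row is invisible to reads even though its bytes are still on disk."""
    return row_state(days_since_expiry, purge_delay_days) in (
        RowState.VALID, RowState.EXPIRED_RETAINED)


def steady_state_rows(tokens_per_day, access_ttl_days, refresh_ttl_days=None,
                      purge_delay_days=DEFAULT_PURGE_DELAY_DAYS,
                      gc_grace_days=GC_GRACE_DAYS):
    """Rows (live + expired-retained + tombstones) present once issuance is steady."""
    lifetime = (row_expiry_days(access_ttl_days, refresh_ttl_days)
                + purge_delay_days + gc_grace_days)
    return tokens_per_day * lifetime


if __name__ == "__main__":
    # Constructed scenario: 1-hour access token with a 30-day refresh token,
    # issued 2024-01-01; a breach involving it is noticed on 2024-05-01.
    issued = datetime(2024, 1, 1, tzinfo=timezone.utc)
    expiry = issued + timedelta(days=row_expiry_days(1 / 24, 30))
    incident = datetime(2024, 5, 1, tzinfo=timezone.utc)
    since = (incident - expiry) / timedelta(days=1)   # ~91 days after expiry
    for delay in (180, 30, 1):
        print(f"purge delay {delay:3d} d: state={row_state(since, delay).value:17s} "
              f"traceable={traceable(since, delay)}")
    # Storage side of the trade-off: constructed rate of 100k tokens/day.
    print("rows at default purge delay:", int(steady_state_rows(100_000, 1 / 24, 30)))
    print("rows at 7-day purge delay:  ", int(steady_state_rows(100_000, 1 / 24, 30, 7)))
```

With the default delay the record of the constructed token is still readable 91 days after it expired; with a 30-day or 1-day delay it is already gone, tombstone included. The row estimate shows why the answer suggests shortening the delay for high-volume deployments: the same issuance rate carries roughly 22 million rows at 180 days versus 4.7 million at 7 days, so the setting is really a choice of forensic look-back window against Cassandra footprint.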

2 REPLIES

Thanks very much, Mark. Very useful information.