Last updated on AUGUST 24, 2017
Applies to:Oracle Mobile and Social - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Every time when an OAuth client requests a new access token using refresh token, OAM generates new refresh token along with new access token. The new refresh token generated will have a new expiry time. The behavior of OAM setting new expiry time in the new refresh token will allow OAuth clients to request for new access token using refresh token for an unlimited period of time. Is this the expected behavior? Is there a way we can set Max lifetime for refresh tokens in OAM ?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms