OAuth No Refresh Token Generated with the Access Token

(Doc ID 2363349.1)

Last updated on FEBRUARY 21, 2018

Applies to:

Oracle Access Manager - Version and later
Information in this document applies to any platform.


On : version, Token Processing Engine

OAuth no refresh token

Configured OAuth service from OAM, based on information from documentation [https://docs.oracle.com/middleware/12213/oam/AIAAG/creating-identity-domain.htm#AIAAG-GUID-78C745E7-1FC7-48F5-A032-3DDC9EDD24E7].

Able to flow the process and implement 3-legged flow [Authorization Code Grant]. Can get the access code and then use the access code to retrieve the access token. But there is no refresh token in the response.

Expect to see a refresh token in the response.

The issue can be reproduced at will with the following steps:
1. Configured 3-legged Oauth
2. Getting the access code
3. Using the access code to retrieve the access token

The issue has the following business impact:
Due to this issue, there is no refresh token included with the access token.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms