0

[oauth.token_renewal] renew_access_token_per_request= "true"

I set this to the deployment.toml file in wso2 IAM. I generated access token, use it in a API it works fine, When i regenerate access token, the old one should get expires but in my case it does not expired. And if i does not hit api for 4 to 5 minutes it get expired due to renew property

I want that if access token regenerated the old one should expired instantly.

1 Answers1

0

This is working as expected with IS 6.1.0

Once the above configuration is set, IS Server should be restarted.

Afterwards, on every token call a new access token is created and the previous token is expired. The created token can be used until the expiry time or until another token is generated. The token's status can be verified by calling the introspect endpoint.

Referred IS Documentation is available here.

GoushiRam
  • 87
  • 1
  • 5
  • i have done every type of configurations which should be done but still same issue the old access token is not expiring, old and the new one both are working. is there any other configuration need to be add in it? have you do it before? – Hamza Iqbal Mar 07 '23 at 11:12
  • In 6.1.0, setting this config is working. Could you share any other version that you are using? [oauth.token_renewal] renew_access_token_per_request = true – GoushiRam Mar 08 '23 at 04:00
  • I am using wso2 IS 6.0.0 and APIM 4.1.0 – Hamza Iqbal Mar 09 '23 at 05:08