
Refresh Token not used by smartedit OAuth Client


I want to configure the refresh_token functionality for users that log into SmartEdit.

I have the following configuration for the smartedit oauth client;

This results in the following behaviour:

* When a user logs into smartedit, the refresh token is sent together with the access token in the response:

{
  "access_token" : "ec1f4256-e69a-4892-8e37-a54655f7c309",
  "token_type" : "bearer",
  "refresh_token" : "74619fc9-ff8e-4bfa-a2fb-6bdcafe4df29",
  "expires_in" : 59,
  "scope" : "basic permissionswebservices previewwebservices openid"
}

* After the 60 seconds, the user is logged out because the access token validity is expired and a response code 401 is returned:

{
   "errors" : [ {
      "message" : "Access token expired: ec1f4256-e69a-4892-8e37-a54655f7c309",
      "type" : "InvalidTokenError"
   } ]
}

* The following requests of the client result in access denied and the user has to log in again.

I would have expected that after receiving the 401, a request with the refresh token to the authorization server would have been triggered to get a new access token but this does not happen.

Question:

What do I have to change in my configuration so that the refresh token is actually used by the smartedit oauth client when the access token is expired?
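The refresh-on-401 exchange the question expects, as an added example that is not part of the original post and is not SmartEdit or SAP Commerce code: a client that reacts to a 401 carrying `InvalidTokenError` by sending a `grant_type=refresh_token` request (RFC 6749, section 6) and retrying once. The in-memory server, the `/oauth/token` path, the client id, the password grant and the single-use refresh tokens are assumptions, and the transport is synchronous only so the example runs offline.

```javascript
// Added illustration: the mock server, '/oauth/token' path, client id and password grant are assumptions.
function createMockServer() {
  let now = 0, n = 0;
  const log = [], access = new Map(), refresh = new Set();
  const issue = () => {
    access.set(`access-${++n}`, now + 60); refresh.add(`refresh-${n}`); // 60 s access lifetime
    return { status: 200, body: { access_token: `access-${n}`, refresh_token: `refresh-${n}`, expires_in: 60 } };
  };
  const send = (req) => {
    log.push(`${req.method} ${req.path}`);
    if (req.path === '/oauth/token') {
      const ok = req.form.grant_type === 'password' || // refresh tokens are single-use here (assumed rotation)
        (req.form.grant_type === 'refresh_token' && refresh.delete(req.form.refresh_token));
      return ok ? issue() : { status: 400, body: { error: 'invalid_grant' } };
    }
    const token = (req.headers.Authorization || '').replace(/^Bearer /, '');
    if (access.get(token) > now) return { status: 200, body: { ok: true } };
    return { status: 401, body: { errors: [{ message: `Access token expired: ${token}`, type: 'InvalidTokenError' }] } };
  };
  return { log, send, advance: (s) => { now += s; } };
}
function createClient(send, clientId) {
  let tokens = null;
  const tokenRequest = (form) => {
    const res = send({ method: 'POST', path: '/oauth/token', headers: {}, form: { client_id: clientId, ...form } });
    if (res.status !== 200) { tokens = null; throw new Error('token request rejected: log in again'); }
    tokens = res.body;
  };
  const expired = (res) => res.status === 401 && (res.body.errors || []).some((e) => e.type === 'InvalidTokenError');
  return {
    login: (username, password) => tokenRequest({ grant_type: 'password', username, password }),
    get(path) {
      if (!tokens) throw new Error('not logged in');
      const call = () => send({ method: 'GET', path, headers: { Authorization: `Bearer ${tokens.access_token}` } });
      let res = call();
      if (expired(res) && tokens.refresh_token) { // expired token: refresh, then retry exactly once
        tokenRequest({ grant_type: 'refresh_token', refresh_token: tokens.refresh_token });
        res = call();
      }
      return res;
    },
  };
}
function demo() {
  const server = createMockServer(), client = createClient(server.send, 'example-client');
  client.login('editor', 'constructed-password'); // constructed credentials
  const first = client.get('/api/pages').status;
  server.advance(61); // the access token is now past its 60 s lifetime
  return { first, second: client.get('/api/pages').status, log: server.log };
}
```

In the request log returned by `demo()`, the 401 on the third request is followed by a token request and a successful retry instead of a forced re-login.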

Accepted Solutions (0)

Answers (0)