Layer7 API Management

Hello, 

we are using an API Gateway 9.3 with OTK 4.3.0 and an external mySQL otk_db.

When we create a new token, it works for a few minutes and then something goes to delete it at all.

The schedulated tasks "OTK Database Maintenance" are configured to run 1 time a day, what could be the cause of this behavior?

Thank you in advance for any suggest, 

Andrea

Hi Andrea,

I would check the configured lifetimes for the tokens: Configure Token Lifetime Properties

Also, are you creating tokens using the same client credentials and resource owner combination? In older versions (ie 3.5) if the same RO and client credentials are used it would invalidate the previously generated tokens.

Regards,

Joe

Thank you Dasjo02, you was right.

I'm still having a doubt:

when I create a new token with the same client/resource combination, I want to wait 15 minutes before the complete erasing of the token.
As I read in the Configure Token Lifetime Properties page, I tried to set the "oauth2_access_token_lifetime_sec" variable in #OTK Token Lifetime Configuration but, when I create the second token, the first immediately disappear.

Is that the right variable?

Thank you for your help, 

Andrea

Hi,

by default when a new token gets generated previous token is deleted ( only 1 token can exists per client ). To change this behaviour, set max_oauth_token_count in  #OTK Storage Configuration policy

https://docops.ca.com/ca-api-management-oauth-toolkit/4-3/en/installation-workflow/configure-authentication/token-configuration