Layer7 API Management

  • 1.  Layer 7 OAuth Manager Token expiry extension

    Posted Mar 30, 2020 02:05 AM
    Edited by Sandeep Dube May 12, 2020 07:36 AM
    Please tell me how to increase the token expiration to more than 1 hour for OAuth authentication. Suppose I want to increase it from 1 hour to 24 hours; please tell me how to do it.
    I want to do it for a single policy. For the rest of the policies I want to keep the token lifetime at 1 hour.

    Regards,
    Sandeep


  • 2.  RE: Layer 7 OAuth Manager Token expiry extension

    Posted Mar 30, 2020 10:22 AM
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/customizing-the-oauth-toolkit/configure-token-lifetime-properties.html

    This is specific to a particular Application created
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/customizing-the-oauth-toolkit/client-specific-customization.html

    ------------------------------
    Pre-Sales Consultant
    CA Southern Africa
    ------------------------------



  • 3.  RE: Layer 7 OAuth Manager Token expiry extension

    Posted Mar 30, 2020 03:35 PM
    Hi,
    I want to change "expires_in": 3600 to "expires_in": 86400. I configured the properties below in OAuth Manager but am still getting "expires_in": 3600. Please find below:
    "lifetimes":{
       "oauth2_access_token_lifetime_sec":86400,
       "oauth2_refresh_token_lifetime_sec":432000
    }
    hitting the url (https://order.sample.com/auth/oauth/v2/token?grant_type=client_credentials&client_id=c0e20a35-a20f-45f8-e7g5-ad30ee5e2994&client_secret=da4f0750-7557-40f2-5e77-a9a543062a2e&scope=ssd)

    I got a response like the one below:
    {
       "access_token": "cfa08f98-afc6-7557-trdt-5bf03ef630b0",
       "token_type": "Bearer",
       "expires_in": 3600,
       "scope": "ssd"
    }

    Please tell me how to get "expires_in": 3600.


  • 4.  RE: Layer 7 OAuth Manager Token expiry extension

    Posted Mar 31, 2020 08:38 AM
    Edited by Deactivated User Mar 31, 2020 08:39 AM
    This is the policy I customized, which works...

    Also, may I know what version of the OTK toolkit you are using?

    ------------------------------
    Pre-Sales Consultant
    CA Southern Africa
    ------------------------------




  • 5.  RE: Layer 7 OAuth Manager Token expiry extension

    Posted Mar 31, 2020 09:22 AM
    Edited by Sandeep Dube May 12, 2020 07:36 AM
    The requirement is that I have to route from the source system to the target system via OAuth. I registered a client in OAuth Manager and shared the URL with the source system. The source system hits the URL and passes the token to Layer 7, which is valid for 1 hour. Now, as per the requirement, we have to extend the token validity to 24 hours. My policy is attached.
    The OAuth client is like below:
    We are using version 9.4 of the API. Please tell me how to enable a token that will be valid for 24 hours as per the policy developed by me, and I have to share it with the source system, along with the URL from OAuth Manager.

    Regards,
    Sandeep


  • 6.  RE: Layer 7 OAuth Manager Token expiry extension
    Best Answer

    Broadcom Employee
    Posted Mar 31, 2020 12:41 PM
    Hello

    If the access_token is issued for 1 hour, you cannot use it after it has expired; the validation fails. You need to refresh and get a new token or reissue a new token. If you want to be able to use a token for 24 hours you would need to issue it with a 24 hour expiration.

    If you are using JWT-based tokens, you could potentially do this by inspecting the JWT itself and validating that claims such as iat and exp are still valid, but this means not using the "OTK Require Oauth 2.0 token" assertion and building your JWT validation logic yourself.

    This is the link to the documentation for configuring and validating JWT-based tokens.
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/installation-workflow/configure-authentication/token-configuration/configure-jwt-access-tokens.html


  • 7.  RE: Layer 7 OAuth Manager Token expiry extension

    Posted Apr 07, 2020 09:20 PM
    "If you want to be able to use a token for 24 hours you would need to issue it with a 24 hour expiration."   
    How do I issue it with a 24-hour expiration for a single policy? Then I have to implement it using the "OTK Require OAuth 2.0 Token" assertion.

    Please help.