Layer7 API Management

Expand all | Collapse all

OAuth Customization for Single Token Entry

Jump to Best Answer
  • 1.  OAuth Customization for Single Token Entry

    Posted 03-21-2020 05:51 PM
    Hi All,

    OAuth 3.5
    Gateway 9.2

    I have a requirement where I need to customize OAuth. Whenever a Token is generated it should replace the old one even if it has not expired.
    How can we do this type of customization in OAuth 3.5? I know for the current 4.x version there are the customization steps in docops. As we are working on 3.5 so need to know how can we achieve this to store only the latest single token in the DB whenever a token call is made.



  • 2.  RE: OAuth Customization for Single Token Entry

    Posted 03-22-2020 07:24 PM
    I am thinking you may not have to customize the otk, you may just refresh token each time.

    Regards,
    Mark


  • 3.  RE: OAuth Customization for Single Token Entry

    Posted 03-22-2020 10:09 PM
    Hi Mark,

    Yes I need to refresh the token whenever a new token is generated.

    Thanks,
    Irfan


  • 4.  RE: OAuth Customization for Single Token Entry
    Best Answer

    Posted 03-23-2020 08:38 AM
    Hi Irfan,

    In older versions of the OTK, only a single token could exist for a combination of client ID and resource owner. This was the default behavior.
    Are you not seeing these results in your testing? What grant type are you testing with?

    Regards,
    Joe


  • 5.  RE: OAuth Customization for Single Token Entry

    Posted 04-01-2020 09:50 AM
    Thanks alot for the help

    ------------------------------
    Developer
    ------------------------------