Facing a strange behavior in Apigee OAuth policy.
When I set expires_in = 3600 (1 hour, as per docs), Apigee seems to ignore it and applies its default value.
But when I set expires_in = 3600000 (milliseconds), I get the correct 3600 seconds in the response.
Official documentation says the value should be in seconds, but it behaves correctly only when using milliseconds.
Has anyone else encountered this? Is this expected behavior or a known issue?
Hi @Shahrez_Faisal,
I think there may be a misunderstanding here: in Apigee OAuthV2, ExpiresIn is configured in milliseconds, not seconds. So 3600 is only 3.6 seconds, while 3600000 is 1 hour. The token response then shows expires_in in seconds, which is why 3600000 results in 3600 in the response. This is exactly what the documentation describes.
Any positive, non-zero integer. Specify the expiry time in milliseconds. Although the value of this element is in milliseconds, the value set in the token's expires_in property and in the expires_in flow variable is expressed in seconds.