Force an Oauth 2.0 token to expire

anonymous · June 6, 2017, 2:05pm

I have a token generated using an OAuthV2 policy:

<OAuthV2 name="OAuthV2.GenerateAccessToken" continueOnError="false">
<Operation>GenerateAccessToken</Operation>
   <ExpiresIn ref="flow.expirationTime">3600000</ExpiresIn>
....
.... 
   <Attributes> 
      <Attribute name="attr1" ref="request.formparam.attr1" display="true"/> 
      <Attribute name="attr2" ref="request.formparam.attr2" display="true"/> 
   </Attributes> 
</OAuthV2>

The token is binded with 2 attributes and expires after 3600 seconds.

Under certain conditions on attr1 and attr2 I want to force the token to expire before the real expiration time.

There is some way to do this inside a proxy or the only way is revoke the token using management API:

http://docs.apigee.com/management/apis/post/organizations/%7Borg_name%7D/oauth2/accesstokens/%7Baccess_token%7D

willwitman · June 6, 2017, 3:54pm

Hi @aatth1 - I don’t think you can change the expiration of an existing token. As you probably found, the SetOAuthV2 policy does not allow you to change the expiration. Here’s another answer I found that might help you that involves a possible workaround (which I’ve never tried myself):

https://community.apigee.com/questions/1994/is-there-a-way-to-update-expiry-time-of-an-existin.html

I hope that helps,

Will

anonymous · June 6, 2017, 4:19pm

Thanks , this is what I was looking for.

In my case maybe I can just invalidate the token using the InvalidateToken operation.

But the workaround solution to modify the expiration time looks good to me.

Antonio

Topic		Replies	Views
Is there a way to update expiry time of an existing access token ? Apigee api-runtime	3	31	March 18, 2015
Invalidate access/refresh token after x hours Apigee api-runtime	6	9	April 8, 2016
Transfer Custom Attributes From Expired Access Token to New Access Token Apigee api-runtime	6	38	May 10, 2016

Force an Oauth 2.0 token to expire

AI Suggested topics