- Access Tokens
- Refresh Tokens
- ID Tokens
- Proof-of-Possession (PoP) Tokens
- PKCE (RFC 7636)
- Client Management
- Authorization Requests
- User Authentication
- Error Handling
- Client Authentication
- Userinfo Endpoint
- Device Flow (RFC 8628)
Changing token duration
After changing "token duration" settings on an Authlete service that has been issuing tokens, Authlete will:
- Preserve duration settings for tokens previously issued
- Apply the new duration settings for tokens to be issued after the change
This article explains how the settings affect access tokens and refresh tokens.
The new duration settings are to be applied on (re)issuing access tokens on token requests with various grant types including refresh token grant.
- If "Kept" is selected
- If "Not kept" is selected
How did we do with this article?