Changing token duration

Overview

After changing "token duration" settings on an Authlete service that has been issuing tokens, Authlete will:

Preserve duration settings for tokens previously issued
Apply the new duration settings for tokens to be issued after the change

This article explains how the settings affect access tokens and refresh tokens.

Access Tokens

The new duration settings are to be applied on (re)issuing access tokens on token requests with various grant types including refresh token grant.

token-duration-1.png 37.36 KB

Refresh Tokens

The change may affect refresh tokens based on "Refresh Token Continuous Use" settings.

“Refresh Token Continuous Use” in “Token” tab

If "Kept" is selected
- The new duration won't be effective until the existing refresh token is expired and reissued.
  token-duration-2.png 50.81 KB
If "Not kept" is selected
- The new duration is effective for a new refresh token that is to be issued along with a new access token on refresh token grant (using the old refresh token).
  token-duration-3.png 66.92 KB

See Also

Refreshing a refresh token when the grant type is "refresh_token"

How did we do with this article?