- Managing issued tokens granted by each user (obtaining a list of clients, and updating scopes and revoking permissions for a particular client)
- Authlete's policy on sweeping unused tokens
- How to specify token(s) on updating its information
- Token duration per scope
- Changing token duration
- How to calculate token duration
- Access Tokens
- Refresh Tokens
- ID Tokens
- Client Management
- Authorization Endpoint
- Error Handling
- Client Authentication
- Userinfo Endpoint
How to calculate token duration
The logic of how to calculate access (refresh) token duration varies, depending on the Authlete version. Here are the specific calculation steps.
(Suppose that duration is the resulting token duration.) 1. Get the value of the token duration of the service and set duration to it as its initial value. Since Authlete 2.0, the following steps are additionally performed 2. If token duration is set for any of the requested scopes (see this for more details), perform the following steps. 2.1. Get the minimum value out of all the token durations that are set for those scopes. 2.2. Set duration to the smaller of the value obtained in 2.1 and the current duration. Since Authlete 2.1, the following step is additionally performed 3. If token duration is set for the requesting client (see this for more details), set duration to the smaller of the token duration set for the client and the current duration.
How did we do with this article?