Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-6236

Add token life time options per OAuth2 client

    XMLWordPrintable

    Details

      Description

      This is an enhance request to add token life time options per OAuth2/OpenID Connect client:

      • Authorization Code Life Time (Seconds)
      • Access Token Life Time (Seconds)
      • Refresh Token Life Time (Seconds)
      • JWT Token Life Time (Seconds)

      Background of enhancement

      Currently, token life times can be set per OAuth2 service (in other words, per realm). If we want to use various OAuth2 clients, we cannot set the times according to client's security level (can only set the times to the lowest values for the client having the highest security risk). In this case, OpenAM servers have to process requests more than actually needed.

        Attachments

          Issue Links

            Activity

              People

              kohei kohei
              nriossc NRI Support Team
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: