Hi,
Is there a max limit to set for Access token expiry in "GenerateAccessToken" policy, for client credential grant type?
Say, I need to set my access token life to 24 hours, can i do that?
I tried adding below:
<ExpiresIn>86400000</ExpiresIn>
But it didn't work. The token i received had below value:
"expires_in": "86399",
What gives?
Thanks,
Kumud
Solved! Go to Solution.
I think it did work.
The way Apigee returns the values might be confusing. For sure it was confusing for me when I first saw it.
The confusing part is the input - the ExpiresIn value - must be specified in milliseconds.
The output - the "expires_in" property on the response payload - is specified in seconds.
And there is a fudge factor we include, so 86399 is .... a "floor".
The number of seconds in 24 hours, is 86400; Apigee sends back 86399 for safety. In case the app does pro-active token refresh.
To answer the question you posed in the title : is there a max limit?
I don't know. But if there is a limit, it is much higher than 24 hours, which means you cannot possibly be running into that limit, if you are setting a 24-hour lifetime on your tokens.
I think it did work.
The way Apigee returns the values might be confusing. For sure it was confusing for me when I first saw it.
The confusing part is the input - the ExpiresIn value - must be specified in milliseconds.
The output - the "expires_in" property on the response payload - is specified in seconds.
And there is a fudge factor we include, so 86399 is .... a "floor".
The number of seconds in 24 hours, is 86400; Apigee sends back 86399 for safety. In case the app does pro-active token refresh.
To answer the question you posed in the title : is there a max limit?
I don't know. But if there is a limit, it is much higher than 24 hours, which means you cannot possibly be running into that limit, if you are setting a 24-hour lifetime on your tokens.
Thanks Dino!
Yes i realized it later that response is in seconds 🙂