This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to generate Refresh Token with as SAML external IDP?

Posted on 04-03-2017 12:29 AM
Not applicable
Reply posted on --/--/---- --:-- AM

We are using external SAMl token to issue an APIGEE token after validating the SAML token.

After validating the token, we are using the below policy to generate the apigee access token. I understand from other blogs and community that when we use Client Credentials as grant type, we will not be having any Refresh token generated.

What Grant type makes more sense to generate the access token in this case? we need the refresh token also to be generated along with the access token.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OA_GenerateAccessTokenSAML">
    <DisplayName>OA_GenerateAccessTokenSAML</DisplayName>
    <Operation>GenerateAccessToken</Operation>
    <ExpiresIn ref="saml_sessionTimeRemaining">3600000</ExpiresIn>
    <!--<ref></ref></ExpiresIn>-->
    <SupportedGrantTypes>
        <GrantType>client_credentials</GrantType>
    </SupportedGrantTypes>
    <Attributes>
        <Attribute name="UPN" ref="upn"/>
    </Attributes>
    <Attributes>
        <Attribute name="email" ref="email"/>
    </Attributes>
    <GenerateResponse enabled="false"/>
    <GenerateErrorResponse enabled="true"/>
</OAuthV2>

thank you

0 1 5,663
Topic Labels
0 Likes
1 REPLY 1