This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Invalidation of Refresh Token using InvalidateToken not working.

Posted on 07-01-2020 02:08 AM
joshuacarino
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

Hi, I',m trying to invalidate a refresh_token and its associated access_token with the ff. code

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="OA-InvalidateRefreshToken">
    <DisplayName>OA-InvalidateRefreshToken</DisplayName>
    <Operation>InvalidateToken</Operation>
    <Tokens>
        <Token type="refreshtoken" cascade="true">request.formparam.refresh_token</Token>
    </Tokens>
</OAuthV2>

However, I'm receiving an error of 

{
 "fault": {
 "faultstring": "Access Token expired",
 "detail": {
 "errorcode": "keymanagement.service.access_token_expired"
 }
 }
}

I look at the policy, and it seems to be getting the refresh_token value properly, and second, I'm passing a valid refresh_token with an expired access_token. I don't need it to validate whether if the access_token is valid or not as I am going to invalidate both of it anyway.

Is there any param like in

<IgnoreAccessTokenStatus> as seen in GetOAuthV2Info Policy?. So that I could successfuly invalidate both tokens?

0 3 460
Topic Labels
0 Likes
3 REPLIES 3