Access token lifetime not changing

boubou158 · November 23, 2023, 8:06am

Hi,

I am trying to set the expiry date of the access token to the minimum possible in order to investigate some frontend behavior to put in place (automatically logout the user instead of refreshing the token when access token is expired).

However, when I go to Security > Api > Authorization Server and i modify the rule Access token lifetime is 5minutes. The access token still contains an expiry date now() + 1hour which is not what i am expecting after this change.

I have noticed this
THENUse this inline hook

[None (disabled)]

ANDAccess token lifetime is

5 [Minutes]

ANDRefresh token lifetime is

Could this inline hook disabled be the problem?

Could anyone help me please?

Thank you

boubou158 · November 23, 2023, 11:57am

For the ones looking for a solution, the issue was that I was modifying the default authorization server configuration for access token expiry, but still targeting the ORG authorization server which has a hardcoded value of 60minutes which was not relying on the default authorization server changes. Okta Help Center (Lightning)

system · November 24, 2023, 11:57am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
How to change the access token lifetime? Questions	5	8743	March 30, 2022
Incorrect Exp timestamp in IdToken OAuth/OIDC	3	4050	January 8, 2020
Refresh token lifetime OAuth/OIDC api	6	7709	January 18, 2022
Change the Org Authorization Server Policy/Rules API	4	1990	February 13, 2024
Token lifemes Options and interactions Questions	3	3335	December 4, 2021

Access token lifetime not changing

Related topics