Access token lifetime not changing


I am trying to set the expiry date of the access token to the minimum possible in order to investigate some frontend behavior to put in place (automatically logout the user instead of refreshing the token when access token is expired).

However, when I go to Security > Api > Authorization Server and i modify the rule Access token lifetime is 5minutes. The access token still contains an expiry date now() + 1hour which is not what i am expecting after this change.

I have noticed this
THENUse this inline hook

[None (disabled)]

ANDAccess token lifetime is

5 [Minutes]

ANDRefresh token lifetime is

Could this inline hook disabled be the problem?

Could anyone help me please?

Thank you

1 Like

For the ones looking for a solution, the issue was that I was modifying the default authorization server configuration for access token expiry, but still targeting the ORG authorization server which has a hardcoded value of 60minutes which was not relying on the default authorization server changes. Okta Help Center (Lightning)

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.