How to change the access token lifetime?

For testing purposes I’m trying to set access tokens to expire every 5 mins for a particular app. But even though I seem to have configured this in the Okta console, my tokens are still lasting the default 1 hour.

I’ve got two access policies for my auth server:

  1. My testing one which applies only to a given app and has the single rule for the 5-min lifetime.
  2. The default policy which applies to all clients and has the default 1-hour.

But as I say my tokens still have a 1-hour expiry. Any help appreciated!

What issuer are you currently using? Have you ensured that the issuer you are requesting tokens from is the custom authorization server you configured?

Yes, I’m sure about that, because I’ve only got one server (“default”).

One thing that seems odd about the configuration is that if I edit my 5-min policy, the “Assign to the following clients” box in the “Edit Policy” dialog is empty, despite the fact that I put the client ID for my app in there.

Technically you have two authorization servers, the Org one (iss = https://org.okta.com) and the “Default” Custom one (iss = https://org.okta.com/oauth2/default), which is why I asked that question.

If you start typing the name for the app, you’ll need to click on the application name in order to have it added to the policy. Does it work if you do that?


Ah, right. I assumed it was wanting a client ID not a name, and because it didn’t object when I gave it one I assumed it was accepted. Sorted now, thanks.

1 Like
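Added example, not part of the original thread: a quick way to confirm which authorization server issued an access token and what lifetime the matching policy rule actually gave it. It assumes the token is a JWT carrying `iss`, `iat`, `exp` and Okta's `cid` (client ID) claim; the function names and the sample token are constructed for illustration, and the signature is not verified, so this is for diagnosing configuration only, never for authorization decisions.

```python
import base64
import json
from urllib.parse import urlparse


def decode_claims(jwt: str) -> dict:
    """Return the payload claims of a JWT WITHOUT verifying its signature."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def describe_token(jwt: str, expected_lifetime_s: int) -> dict:
    """Report issuing server, client and lifetime (hypothetical helper)."""
    claims = decode_claims(jwt)
    path = urlparse(claims["iss"]).path.rstrip("/")
    # Issuer with no path = Org authorization server;
    # issuer ending in /oauth2/<id> = a custom authorization server.
    if path == "":
        server = "org"
    elif path.startswith("/oauth2/"):
        server = "custom:" + path.split("/")[2]
    else:
        server = "unknown"
    lifetime = claims["exp"] - claims["iat"]
    return {
        "server": server,
        "cid": claims.get("cid"),
        "lifetime_s": lifetime,
        "policy_applied": lifetime == expected_lifetime_s,
    }


def constructed_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed, not a real Okta token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


# Constructed sample: issued by the "default" custom server with a 1-hour lifetime.
SAMPLE = constructed_token({"iss": "https://org.okta.com/oauth2/default",
                            "cid": "0oa-constructed-client",
                            "iat": 1700000000, "exp": 1700003600})

if __name__ == "__main__":
    print(describe_token(SAMPLE, expected_lifetime_s=300))
```

A `policy_applied` of `False` with the expected `cid` and server means the 5-minute policy never matched the client, which is the symptom described in this thread.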
