Is it possible to refresh token in OIDC application published to OIN?

michaelt · March 10, 2021, 1:49pm

We planing to do okta integration for our clients, we plan to create an OIDC application that would be published to OIN, one confusion I have is around token refresh

I see this in documentation:

"The grant types permitted for an OIN app integration depend on the platform selected:

Web:
- Authorization code — mandatory for web platform applications
- Refresh token — not supported for OIN app integrations
  "
  I can’t understand is it means that I can’t use offline_access scope to get refresh token ?

warren · March 10, 2021, 7:02pm

That’s what I understand as well from reading that doc. It sounds like the OIN app doesn’t support the offline_access scope so it’s not possible to get a refresh token. Hopefully that will change in the future.

michaelt · March 10, 2021, 7:16pm

I am a bit baffled right now, if I can’t refresh the token it means the user needs to be involved in the process this is impractical if I looking for a server/server integration, what would be the best option for this scenario then?

Post		Replies	Views
OIN SSO Apps and offline_access or refresh tokens, how to handle long sessions? OAuth/OIDC	2	1271	February 2, 2024
What application type should i chose? OIN Submissions	6	1946	March 2, 2024
Unable to retrieve refresh_token OAuth/OIDC	2	6020	August 3, 2017
How to get OpenID Connect auth code and refresh token OAuth/OIDC	7	9356	June 15, 2017
Okta SCIM OAuth integration failure with refresh_token SCIM	4	1016	May 1, 2024

Is it possible to refresh token in OIDC application published to OIN?

Related topics