We’re implementing an IoT solution where the edge devices are kept in a physically secure location. In connecting to our message broker, we want to use Okta as our authorization server using JWT. Since the devices are secure we would like these tokens to be very long lived. Currently, it looks like the max we can set for the expiration date is 24h. Is there a way via the Okta APIs to generate a client JWT that has a longer expiration date?
You should be able to use a refresh token with a much longer duration. Then you can use it to get a new access token.