ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

API Gateway - OTK Token Lifetime Configuration

book

Article ID: 227513

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

Is there a way to set the OTK Token Lifetime (oauth2_auth_code_lifetime_sec) for each OTK client?

Environment

Release : 4.4

Component : OTK

Resolution

The "oauth2_auth_code_lifetime_sec" setting is configured in the "OTK Token Lifetime Configuration" policy. This is reading the value from the cluster-wide property "otk.oauth2.auth_code.lifetime_s" and it is set to 300 seconds by default. There is no out-of-the-box option available to set this value for each OTK client.

However, you can use the hash policy "#OTK Token Lifetime Configuration" to set the required value for the token lifetime. You need to read the client name and then set the required value.

Additional Information

Please note, this is a custom configuration and you are responsible for any changes in the hash policy.