Tobias
Reputation: 1092
Configuration of JWT expiration time in Okta (OpenID Connect)
Is it possible to configure jwt token expiration time (exp property) for an Okta OpenId Connect application?
It seems to be set to 1 hour from issuing time (iat property) for both implicit and authorization code grants.
Upvotes: 0
Views: 1535
Answers (1)
Raphael Londner
Reputation: 512
the expiration time of our OIDC tokens is not configurable and is indeed fixed to 1 hour. It's up to your app to use the refresh token and ask for a new access token (in the authorization code flow scenario) or simply call the authorize endpoint again to get a newer token (in the case of the implicit flow).
Upvotes: 1
Related Questions
- Single sign-on flow using JWT for cross domain authentication
- JWT (JSON Web Token) automatic prolongation of expiration
- Why is there an "Authorization Code" flow in OAuth2 when "Implicit" flow works so well?
- OpenIdConnect verify jwt from OpenId Provider
- What is intent of ID Token expiry time in OpenID Connect?
- DocuSign: set expiration in JWT Token - always get access token with one hour expiration
- OpenID Connect with stateless JWT Tokens
- Okta validating JWT token using public keys from OpenID Connect config
- OpenID Connect not available in "oktapreview"