Reputation: 55
Set / modify the IdentityServer4's AccessTokenLifeTime value at run-time?
Is it possible to modify / set the AccessTokenLifeTime value at run-time based on the claims' expiration date contained within the token?
Upvotes: 0
Views: 933
Answers (1)
Reputation: 19901
One option is to add your own custom expiry claim inside the access token, and then when you receive and authorize the token, then you can reject the access token if it has expired.
Think it can be a good idea to keep the access/refresh token lifetime to be static, and then handle custom expiration separately.
You could try to evaluate if the Client UserSsoLifetime property would help you?
see https://docs.duendesoftware.com/identityserver/v6/reference/models/client/#authentication--session-management and the sample test here
The second alternative is to implement your own ITokenService, see the default implementation here.
Upvotes: 1
Related Questions
- How to change ".AspNetCore.Identity.Application" cookie expiration?
- Identityserver4 - change the default 'AccessTokenLifetime' from 3600
- IdentityServer4 how to set server cookie expiration
- How to Change Persistent Cookie Expiration Time in .Net Core 3.1 Identity Server 4
- Change default token timeout expire to configurable in identity server 4 without using cookies
- Can we set access token to not expire?
- Identity Server 4- Setting the Access Token lifetime
- How To Set Logon Expiry in ASP.NET Core Identity
- Set Token Validation Period in Identity Server 4
- How to set the UserTokenProvider token expiration