Oauth Access Token Renew | Expiration extended and same token is provided
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā04-12-2019 03:46 AM
Hello team,
We are trying to use Oauth for our integrations and we noticed that each time we attempt to renew the access token before it expires (we have a script for that), the expiration date of the token is extended but the token itself does not change. As result the same identical Access token can be valid for months (security concerns).
Apparently only if the Access Token is expired, the renew action will generate a new token.
Is this as designed, shall we let the previous token expire before we can properly renew it? but in this case we would end up in having a short outage time between the expiration and the actual renew.
Thanks a lot for the support š
P.S.
Does not matter the way or system we use to renew the access token, we can do that via Curl or within ServiceNow, still if the Access token is refreshed before expiration, no new token is provided BUT the expiration time get extended.
- Labels:
-
Integrations
- 1,557 Views
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā06-07-2019 09:32 AM
Hello,
Could you please let me know what the script you are using to renew the token before it expires, I am trying to implement something similar.
Thank you !
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā01-27-2021 10:22 PM
Can you please share the curl command or the way you tried to extend the expiry of access token within servicenow. I have a similar requirement.
