By: Michał Piątkowski user 22 Oct 2020 at 3:35 p.m. CDT

2 Responses
Michał Piątkowski gravatar
I have long lasting queue in system (microservices). Request goes in and can go out after few hours when backlog is big. How can I manage access token there? I can't put normal access token, as his lifespan is too short. For now I've created second client (to set access token lifetime for few hours instead of 5 minutes) and assigned special scope, which can invoke only this exact action. If token gets compromised, damage will be limited. Problem is when I try to get this new token. First try would be by client credentials grant, but this action has to be done as user. Second try is getting access token by refresh token grant, but clients are different, so I ended up with wrong token error. Is there any other option than putting all microservices behind api gateway? Thank you in advance for any info.

By Michał Piątkowski user 05 Nov 2020 at 2:22 p.m. CST

Michał Piątkowski gravatar
Any information?

By Michael Schwartz Account Admin 09 Nov 2020 at 8:26 p.m. CST

Michael Schwartz gravatar
You might consider using the token introspection script to extend the lifetime of the access token. You have quite a bit of flexibility in that script, although you might have to dig into the java code to figure out what classes and methods to use.