By: Bhupinder Saini user 06 Nov 2020 at 2:56 a.m. CST

3 Responses
Bhupinder Saini gravatar
https://gluu.org/docs/gluu-server/4.2/api-guide/openid-connect-api/ ``` Client Registration Response registration_access_token Registration: Access Token that can be used at the Client Configuration Endpoint to perform subsequent operations upon the Client registration. ``` * Whats the validity of registration_access_token? * Is this validity configurable parameter ? * If it expires, How do client obtain new token? I couldn't find any documentation in this relation. Thanks Bhupinder Singh

By Michael Schwartz staff 11 Nov 2020 at 11:15 a.m. CST

Michael Schwartz gravatar
The registration access token is good for eternity. There is no property to set the expiration. However, you could expire the client itself.

By Yuriy Zabrovarnyy staff 11 Nov 2020 at 12:30 p.m. CST

Yuriy Zabrovarnyy gravatar
Right, `registration_access_token` is expired together with client. If update/rotation is really needed the workaround can be update `registration_access_token` via Dynamic Registration Custom Script during update. E.g. https://github.com/GluuFederation/community-edition-setup/blob/79508122a7e37318e05a2a8f55d09278479e2718/static/extension/client_registration/SampleScript.py#L67 ``` client.setRegistrationAccessToken("newtoken"); ```

By Yuriy Zabrovarnyy staff 13 Nov 2020 at 9:26 a.m. CST

Yuriy Zabrovarnyy gravatar
Bhupinder , can we close this ticket or there is anything else to discuss ?