Our new Community environment is going to be launched soon!
This means that you will be redirected to the new environment automatically, where you can sign-in, look up - and post topics again. Please note that not all topics will be transferred, so it might occur that you can’t find the topic you were looking for.
We're using a single sign on (Oauth2.0) flow for our application. Now there is one issue that I'm trying to solve:
- Users are still logged in through the BB authorization profile even if their (access and refresh) token expires.
This means that some of their api calls for data collection(which requires the authorization provided through the token) ends up as invalid, since their token and refresh token has expired.
I've already tried / investigated a number of potential solutions, but can't quite find one that works well. The tried approaches include:
- Add a expression property that checks whether the "refresh_token_expires_at" is before "now". This could then be used in a datacontainer filter with a redirect if no results to force a token refresh. --> The issue with this approach, is that the expression property is only updated if the token record is, so it will not turn to false if the time passes the expiration date.
- on action error, global component interaction,logout. However, this also doesn't work. I've added a render web template if the condition isn't met, and even when I change the action to not work, it just stays on "failed to submit the form". Logs do show the error, so I would expect this to trigger the interaction.
- logout authenticated user in the action. But this doesn't seem to work in combination with the new page builder.
If anyone has a solution to this login expiry, or if I made an error in one of my solutions that should actually work, I would love to hear your inputs.
Kind Regards,
Tjerk
Hi all,
We're using a single sign on (Oauth2.0) flow for our application. Now there is one issue that I'm trying to solve:
- Users are still logged in through the BB authorization profile even if their (access and refresh) token expires.
This means that some of their api calls for data collection(which requires the authorization provided through the token) ends up as invalid, since their token and refresh token has expired.
I've already tried / investigated a number of potential solutions, but can't quite find one that works well. The tried approaches include:
- Add a expression property that checks whether the "refresh_token_expires_at" is before "now". This could then be used in a datacontainer filter with a redirect if no results to force a token refresh. --> The issue with this approach, is that the expression property is only updated if the token record is, so it will not turn to false if the time passes the expiration date.
- on action error, global component interaction,logout. However, this also doesn't work. I've added a render web template if the condition isn't met, and even when I change the action to not work, it just stays on "failed to submit the form". Logs do show the error, so I would expect this to trigger the interaction.
- logout authenticated user in the action. But this doesn't seem to work in combination with the new page builder.
If anyone has a solution to this login expiry, or if I made an error in one of my solutions that should actually work, I would love to hear your inputs.
Login to reply