Base solution for your next web application
Open Closed

How to implement refresh token endpoint in 3rd party application #10496


User avatar
0
shedspotter created

Prerequisites

Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

product version = 6.3.0 product type = Angular product framework = NET 5

Hi. I am trying to implement Oauth authentication in one the 3rd party application using indetity server. I have configured all the thing and it working as expected but if I am not using that 3rd party application my authentication token has been expired in 3600 sec. I want to implemnt the refresh token in that application so that I am not facing any issue.

Then token enpoint = /connect/token Identinty server setting in appsetting.json refresh token endpoint = /api/TokenAuth/RefreshToken

is there any thing else I need to configure for getting refresh token Please help me with the same

Thanks,


3 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @shedspotter

    You can take a look at Identity Server's documentation for this, http://docs.identityserver.io/en/latest/topics/refresh_tokens.html. You just need to get a refresh token during the first login. Then, when access token expires, you need to request a new token using refresh token.

  • User Avatar
    0
    shedspotter created

    Hi @ismcagdas , thanks for the reply

    I am using enpoint = /connect/token for getting the auth token during the first login but I did not not getting any refresh token in response. is there any thing else I need to set in identity server configuration or any thing I need to pass in the enpoint = /connect/token so that I get refresh token as well in response.

    Please help me with the same

    Thanks

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @shedspotter,

    It is explained here http://docs.identityserver.io/en/latest/topics/refresh_tokens.html#requesting-a-refresh-token. I guess you basically need to add offline_access to your scope parameters. Could you try like that ?