Menu
If someone are looking how to change access_token life time (expires_in) for FOSOAuthServerBundle then here is how to do it:
fos_oauth_server:
service:
user_provider: fos_user.user_manager
options:
access_token_lifetime: 20 #will set token life time to 20 seconds
This way you also have possibility to change other options of OAuth2.0 library that is fully used by FOSOAuthServerBundle.
Hope this post saves someone's time ;) Have a nice time for other important tasks and improvements ;) Enjoy
434
By default, access tokens are valid for 60 days and programmatic refresh tokens are valid for a year. The member must reauthorize your application when refresh tokens expire.
Renew tokens A valid bearer token (with active access_token or refresh_token properties) keeps the user's authentication alive without requiring him or her to re-enter their credentials frequently. The access_token can be used for as long as it's active, which is up to one hour after login or renewal.
Access tokens can expire for many reasons, such as the user revoking an app, or if the authorization server expires all tokens when a user changes their password. If you make an API request and the token has expired already, you'll get back a response indicating as such.
A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days. There is currently a limit of 100 refresh tokens per Google Account per OAuth 2.0 client ID.
is in the official documentation: https://github.com/FriendsOfSymfony/FOSOAuthServerBundle/blob/master/Resources/doc/configuration_reference.md
182
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
