Access token generated by Management API has too long lifetime #2585
Replies: 5 comments
-
|
@char000, thank you for opening this issue. We will triage it within the next few business days. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @char000, right this is not possible to configure the token lifetime currently. I'm leaving it as a feature request. |
Beta Was this translation helpful? Give feedback.
-
|
@char000, thank you for requesting this feature. |
Beta Was this translation helpful? Give feedback.
-
|
@mikebudzynski Is there any update about this request? |
Beta Was this translation helpful? Give feedback.
-
I would like to see this feature too. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Every bug report should have precise description and reproduction steps; console traces or source code references are appreciated.
For assistance requests, contact Azure support or submit a post on Stack Overflow. We don't provide support through GitHub Issues. Feature requests can be raised on the Azure Feedback Forum.
Description
We are using signin delegation for signing user into developer portal.
After user is authenticated by our backend, our backend generates SAS token with lifetime of 3 minutes and then redirect the user to developer portal (/signin-sso) with that SAS token.
Developer portal uses SAS token to call management API endpoints to get a list of products/apis, etc
Management API endpoints (specifically, this API) returns json response along with a new token in Ocp-Apim-Sas-Token header with lifetime of 1hr
We would like to have expiry of token generated in step 3 to be 15-20min.
Support request ID: 2109290060001844
Beta Was this translation helpful? Give feedback.
All reactions