
Forum Discussion

hedykim
Mar 11, 2025
Solved

F5 iControl REST API - Token Lifecycle Management

Hello, I have a question about the API Token Lifecycle Management.

In my case, I see a difference in how expired tokens are managed between two versions, BIG-IP 15 and 17.

------------------ BIG-IP Version ------------------
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.10.6
  Build       0.0.6
  Edition     Point Release 6
  Date        Thu Nov 21 05:48:27 PST 2024

 

------------------ BIG-IP Version ------------------
Sys::Version
Main Package
  Product     BIG-IP
  Version     17.1.2.1
  Build       0.0.2
  Edition     Point Release 1
  Date        Tue Dec 17 03:58:42 PST 2024

 

Version 15

  1. I got a new API token with a timeout value of 1200s.
  2. After 1200s, I checked that the API token was unavailable.
  3. Then, after 600s more, the expired API token had been removed from /mgmt/shared/authz/tokens.

Version 17

  1. I got a new API token with a timeout value of 1200s.
  2. After 1200s, I checked that the API token was unavailable.
  3. The expired API token is not removed from /mgmt/shared/authz/tokens.
    Of course, it can be removed with a DELETE request.

 

Why does the relatively recent version 17 not automatically delete expired tokens?

 

Thank you, greetings!
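
Added example, not part of the original post and not F5 code: a Python cleanup script for the version 17 behaviour described above, which lists /mgmt/shared/authz/tokens and issues the DELETE request for entries that expired more than 600s ago (the delay observed on version 15). It assumes the collection is returned under `items` and that each entry carries `name` and `expirationMicros` (microseconds since the Unix epoch); the function names and sample data are hypothetical.

```python
import json
import ssl
import time
import urllib.parse
import urllib.request

TOKENS_PATH = "/mgmt/shared/authz/tokens"  # collection named in the post


def expired_tokens(items, now_micros, grace_s=600):
    """Return names of tokens that expired more than grace_s seconds ago.

    Assumption: each item has 'name' and 'expirationMicros' (microseconds
    since the Unix epoch). Entries missing either field are skipped.
    """
    cutoff = now_micros - grace_s * 1_000_000
    stale = []
    for item in items:
        name, exp = item.get("name"), item.get("expirationMicros")
        if name and isinstance(exp, int) and exp < cutoff:
            stale.append(name)
    return stale


def _call(host, auth_token, method, path, ctx):
    req = urllib.request.Request(f"https://{host}{path}", method=method,
                                 headers={"X-F5-Auth-Token": auth_token})
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return json.loads(resp.read() or b"{}")


def purge(host, auth_token, ca_file, dry_run=True):
    """List the token collection and DELETE stale entries; returns their names."""
    ctx = ssl.create_default_context(cafile=ca_file)  # verify the management cert
    items = _call(host, auth_token, "GET", TOKENS_PATH, ctx).get("items", [])
    stale = expired_tokens(items, int(time.time() * 1_000_000))
    for name in stale:
        if not dry_run:
            path = f"{TOKENS_PATH}/{urllib.parse.quote(name, safe='')}"
            _call(host, auth_token, "DELETE", path, ctx)
    return stale


# Constructed sample entries, not captured from a device.
SAMPLE = [
    {"name": "TOKEN-A", "timeout": 1200, "expirationMicros": 1_000_000_000},
    {"name": "TOKEN-B", "timeout": 1200, "expirationMicros": 3_000_000_000},
    {"name": "TOKEN-C"},
]
```

`purge` defaults to `dry_run=True`, so it only reports which tokens it would delete until that flag is turned off.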