Forum Discussion

Cirrocumulus

May 13, 2020

F5 oauth server refresh token revocation

Dear All, I am working on a F5 as the oauth server provider which provides JWT access tokens for oauth clients, everything works fine but now we want to know how to revoke the access / refresh ...

application delivery

BIG-IP Access Policy Manager (APM)

oauth

revocation

Marvin

Cirrocumulus

May 14, 2020

For JWT Access Token Lifetime, type a number.
This specifies the number of minutes a JWT access token is considered valid. In specifying this lifetime, consider that JWT access tokens cannot be revoked.
For JWT Generate Refresh Token, select Enabled so the OAuth authorization server generates a refresh token in addition to the access token for authorization code and resource owner credential grants.
For JWT Refresh Token Lifetime, type a number.
This specifies the number of minutes a refresh token is considered valid. In specifying this lifetime, consider that JWT refresh tokens cannot be revoked.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 oauth server refresh token revocation

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

irule executes twice when refreshing a website

GTM Hardware Refresh

Microsoft Exchange Server

Refresh of F5 Equipment

Hardware Refresh Best Practices

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS