Details
-
Story
-
Status: Draft (View Workflow)
-
P3
-
Resolution: Unresolved
-
None
-
None
-
-
CP: Roadmap backlog
-
5
-
Core: Platform
Description
h2 Overview
With the move toward short lived access tokens and the use of refresh tokens, edge-common should adopt the silent refresh pattern.
When logging in, both access and refresh tokens will be returned. Currently only the access token is cached. Instead both should be saved (in memory). Before the access token expires, the refresh token should be used to obtain a new access token.
Expiration of both access and refresh tokens must be handled gracefully by retrieving the credentials from secret storage and logging in again.
The token cache should be updated such that the TTL is always shorter than the access token TTL
Acceptance Criteria
- Silent refresh is implemented
- Token expiration is handled gracefully
- the token cache is updated as needed
TestRail: Results
Attachments
Issue Links
- relates to
-
FOLIO-2556 SPIKE: investigate refresh tokens support in FOLIO
-
- Closed
-
- mentioned in
-
Page Loading...