How to get refresh token or increase timeout of access token

sumit7325 · November 1, 2018, 1:05pm

I need to implement a user idle session timeout, as after completing a successful login, I have access_token which I am verifying on every request come to serve using /oauth2/introspect so if access_token is active user can access the resource. so now i want to refresh expire time of access_token on every request and compare with idle session time configured.
for example, if session timeout is configured 15 min and the server is not receiving request till 14 min if on next second request comes I need to refresh expire time of token to 15 min.
Thanks

version
[1.0.0-beta.8]

hackerman · November 1, 2018, 6:32pm

I think this will become possible with: https://github.com/ory/hydra/issues/1088

sumit7325 · November 3, 2018, 2:55pm

Thanks arekkas for reply ,

I have gone through the link which you have shared , that will solve one part of my requirement to add exipry time in refresh_tokens but the thing is I am not getting refresh_token itself after completion of OIDC flow , my angular2-oidc client only returning access_token . so my question how to get refresh_token or how to configure expire time of access token and increase it dynamically .

hackerman · November 3, 2018, 3:47pm

You need to request the offline scope and your consent app needs to grant the offline scope.

sumit7325 · November 3, 2018, 4:13pm

I am requesting scope as'openid offline' only please check this image for config