How to handel inactive access token?


When I am introspecting a access token after an interval hydra is returning { “active”: false }. If I hit on oauth2/introspect again I am getting { “active”: true …}. On the first hit on oauth/introspect I found in the log

hint=“An introspection strategy indicated that the token is inactive.”

So I am guessing after first hit the access token getting activated so after that in second hit it’s sending that the token is active.

So how should I handle this

  1. Active a access token somehow before introspect
  2. Is it possible to know when the access token will inactive in client side so that client can get a new access token if it’s inactive. I can check the access token expires time but didn’t see any inactive time.
  3. Send error to the client and then client will get a new access token

Actually I found out that the hydra server gets idle mode (or something like that) if it don’t receive any request for sometime (5-10 minute). After that any request to hydra server result in error but in next hit and onwards it works fine. Any idea how fix it?


Hi there!

Not sure if it’s the exact same issue I have experienced before, but i use to have an issue similar to this before as well. For me it started happening when I first switched over to using a mysql db after testing on an in memory one.

The way i resolved the issue was to set an option on the DATABASE_URL environment variable for Hydra that made sure i didn’t have any idle connections.

ex: DATABASE_URL = mysql://{user}:{pass}@tcp({db_url}:{port})/{db_table}?parseTime=true&max_idle_conns=0

Not sure if you’re using the same db as I was or not, but that was how i fixed the issue.


@Obrys thanks a lot. It’s working fine now. I am using PostGreSQL and after putting max_idle_conns=0 in my DATABASE_URL I am not getting the errors anymore.