Hi Supun, I don't think there is expire active tokens but we do have revocation of tokens. The publisher can revoke tokens given for his APIs in the API Publisher. Also we have token revocation endpoint in OAuth server which complies to the oauth2 token revocation draft. Also there is a web service API for end users to revoke tokens given on behalf of them. You can find this UI in the APIM management console under My Identity > My Authorized Apps.
Which one to use depends on your requirement. Thanks, Johann. On Sat, Jul 13, 2013 at 12:28 PM, Supun Malinga <[email protected]> wrote: > Hi, > > $subject? > Would like to know the possible options/workarounds.. > > thanks, > -- > Supun Malinga, > > Senior Software Engineer, > WSO2 Inc. > http://wso2.com > http://wso2.org > email - [email protected] <[email protected]> > mobile - 071 56 91 321 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
