On Thu, Jan 9, 2014 at 8:41 AM, Vanjikumaran Sivajothy <[email protected]>wrote:
> Hi Devs, > Does Refresh token has a expired value like Access Token? > > > If I Do not utilized it, then will it be valid forever? > AFAIK, there is no expired time for refresh token. But authorization server must implement a refresh token rotation method. Once new access token is granted using a refresh token, Server could return a new refresh token by invalidating older one. Also If refresh token is compromised, It can be invalidated using above. Thanks, Asela. > > Best Regards > -- > Sivajothy Vanjikumaran > *Senior Software Engineer* > *Integration Technologies Team* > *WSO2 Inc. http://wso2.com <http://wso2.com/>* > *Mobile:(+94)777219209* > *Mobile USA:**(+1)918 813 2403* > [image: Facebook] <https://www.facebook.com/vanjikumaran> [image: > Twitter]<https://twitter.com/vanjikumaran> [image: > LinkedIn] <http://www.linkedin.com/pub/vanjikumaran-sivajothy/25/b31/293> > [image: > Blogger] <http://vanjikumaran.blogspot.com/> [image: > SlideShare]<http://www.slideshare.net/vanjikumaran> > > This communication may contain privileged or other > confidential information and is intended exclusively for the addressee/s. > If you are not the intended recipient/s, or believe that you may > have received this communication in error, please reply to the > sender indicating that fact and delete the copy you received and in > addition, you should not print, copy, re-transmit, disseminate, or > otherwise use the information contained in this communication. > Internet communications cannot be guaranteed to be timely, secure, error > or virus-free. The sender does not accept liability for any errors > or omissions > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks & Regards, Asela ATL Mobile : +94 777 625 933
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
