Thank you Asela and Nuwan for comprehensive answer
On Thu, Jan 9, 2014 at 9:44 AM, Nuwan Dias <[email protected]> wrote: > On Thu, Jan 9, 2014 at 9:38 AM, Asela Pathberiya <[email protected]> wrote: > >> >> >> >> On Thu, Jan 9, 2014 at 8:41 AM, Vanjikumaran Sivajothy <[email protected]>wrote: >> >>> Hi Devs, >>> Does Refresh token has a expired value like Access Token? >>> >>> >> >>> If I Do not utilized it, then will it be valid forever? >>> >> >> >> AFAIK, there is no expired time for refresh token. But authorization >> server must implement a refresh token rotation method. Once new access >> token is granted using a refresh token, Server could return a new refresh >> token by invalidating older one. Also If refresh token is compromised, It >> can be invalidated using above. >> > > Yes, refresh token does not expire. But when you use it (once) to get a > new access token, the existing refresh token will be invalidated and you > will receive a new refresh token. > >> >> Thanks, >> Asela. >> >> >>> >>> Best Regards >>> -- >>> Sivajothy Vanjikumaran >>> *Senior Software Engineer* >>> *Integration Technologies Team* >>> *WSO2 Inc. http://wso2.com <http://wso2.com/>* >>> *Mobile:(+94)777219209* >>> *Mobile USA:**(+1)918 813 2403* >>> [image: Facebook] <https://www.facebook.com/vanjikumaran> [image: >>> Twitter] <https://twitter.com/vanjikumaran> [image: >>> LinkedIn]<http://www.linkedin.com/pub/vanjikumaran-sivajothy/25/b31/293> >>> [image: >>> Blogger] <http://vanjikumaran.blogspot.com/> [image: >>> SlideShare]<http://www.slideshare.net/vanjikumaran> >>> >>> This communication may contain privileged or other >>> confidential information and is intended exclusively for the addressee/s. >>> If you are not the intended recipient/s, or believe that you may >>> have received this communication in error, please reply to the >>> sender indicating that fact and delete the copy you received and in >>> addition, you should not print, copy, re-transmit, disseminate, or >>> otherwise use the information contained in this communication. >>> Internet communications cannot be guaranteed to be timely, secure, error >>> or virus-free. The sender does not accept liability for any errors >>> or omissions >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Thanks & Regards, >> Asela >> >> ATL >> Mobile : +94 777 625 933 >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Nuwan Dias > > Senior Software Engineer - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 > -- Sivajothy Vanjikumaran *Senior Software Engineer* *Integration Technologies Team* *WSO2 Inc. http://wso2.com <http://wso2.com/>* *Mobile:(+94)777219209* *Mobile USA:**(+1)918 813 2403* [image: Facebook] <https://www.facebook.com/vanjikumaran> [image: Twitter]<https://twitter.com/vanjikumaran> [image: LinkedIn] <http://www.linkedin.com/pub/vanjikumaran-sivajothy/25/b31/293> [image: Blogger] <http://vanjikumaran.blogspot.com/> [image: SlideShare]<http://www.slideshare.net/vanjikumaran> This communication may contain privileged or other confidential information and is intended exclusively for the addressee/s. If you are not the intended recipient/s, or believe that you may have received this communication in error, please reply to the sender indicating that fact and delete the copy you received and in addition, you should not print, copy, re-transmit, disseminate, or otherwise use the information contained in this communication. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
