When we make a call v2/token services consequently after 3 attempts, if would make the 4th attempt to the services it invalidates the first token. How could we avoid this?
If I understand correctly, you generate 3 tokens, on the 4th token being created the 1st token is then invalidating, is that right? Meaning, you can only generate a max of 3 tokens?
What grant type are you using?
Do you have this value max_oauth_token_count set in the #OTK Storage Configuration policy?
Am using password grant_type.You are understanding is right peruser 3 sessions or access token allowed issued. As you mentioned I have already seen OTK Storage Configuration for the variable max_oauth_token_count which is one by default(OutOfbox). Am wondering if it was one how could it even allow 3 bit confused?
Can you verify you are not overriding this setting in the "#OTK Storage Configuration" configuration policy.
Also what version of OTK are you using?
OTK version 3.5.
Note that 3.5 does not support multiple token from same apps, it does count all active tokens regardless of the apps currently in use.
4.1 correct this.
You shoud have a #OTK Storage Configuration Extension inside OTK Storage Configuration that override the default settings.
Client-Specific Customization - CA API Management OAuth Toolkit - 4.1 - CA Technologies Documentation
Pretty sure you have the same problem as me. I have opened a case with CA and waiting for their call
MIchell.Pls have the notes over here as and when CA updates on it.
We are using 4.1 so it shouldn't be the same problem. Mine is that it request the token count from DB with the same client_ident so when it does cycle, it cycle over the wrong applications. I don't want to pollute your post
Retrieving data ...