Tagged: ,

This topic has 0 replies, 1 voice, and was last updated 6 years, 4 months ago by ndavid.

  • Author
  • #8872

    I am using OpenAM 13 for storing policies and having policy evaluation via ../policies?_action=evaluate. The subject is specified as “ssoToken” as the user has been authenticated and has a valid session. That works fine.

    Now i need to implement the refreshToken functionality in the same way as I would do with the OAuth API. The session has been expired already but I need to “refresh” it in order to use the (new) “ssoToken” for policy evaluation. How can I do that?

    1. Can I have the OAuth2-like refreshToken functionality for the ssoToken as well?
    2. Alternatively I would use the OAuth2 API, where I have the refreshToken functionality. How can I specify the subject of the policy evaluation when I have an OAuth2 access token only and no ssoToken?

    Thanks in advance,

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?