Skip to Main Content

ORDS, SODA & JSON in the Database

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Oauth token - Reuse active token

partlycloudyMay 17 2021

We have some client apps that do not maintain token state so they always call the ORDS /oauth/token endpoint and use the Bearer token to authorize for the subsequent ORDS API call. Since each ORDS bearer token is valid for 3600 seconds. Lots of unnecessary tokens are generated. Although the ORDS_HOUSEKEEPING_JOB cleans up unused tokens, this is wasteful
Questions
Can the ORDS /oauth/token endpoint to re-use the same token IF the client provides it in a custom x-token or such header, instead of generating a new token?
Can the expires_in attribute of the token be configured or is it hard-wired to 3600?
Thanks

Comments
Post Details
Added on May 17 2021
18 comments
270 views