How Solace makes an OAuth Token Call to APIGW

Dhanusri
Dhanusri Member Posts: 15 ✭✭

Recently, there was a concern from APIGW team that Solace is making more OAuth token calls than expected, which is impacting their license cost directly.

Upon checking in details, it was found that the token expiry value was set to 900 by default at Solace. However, the token lifetime was set to 3600 from APIGW end.

Therefore, we had increased the token expiry value to 3600 at Solace. But still APIGW team could observe there is no change in the token calls made.

So, would like to know whether Solace reuses the token for the specified time and how

this whole connectivity works

Solace version : 10.4.1.121

Answers

  • Aaron
    Aaron Member, Administrator, Moderator, Employee Posts: 634 admin

    Hey @Dhanusri , I'm pretty sure OAuth token refresh is configured within the applications. So maybe you need to check with your app teams why they're refreshing so frequently? Defining Client Authentication Info (solace.com)

  • Dhanusri
    Dhanusri Member Posts: 15 ✭✭
    edited October 4 #3

    Hi @Aaron, It is Solace broker who is using the OAuth details of APIGW inside the RDP configured.

    I believe the above comments from your end is wrt the clients connecting to the Solace broker using OAuth Authentication.

  • pkondrat
    pkondrat Member, Employee Posts: 27 Solace Employee

    Hi @Dhanusri, 900 seconds is the default if the token endpoint of the authorization server does not return an expiry time. This is configurable; here is the link to the command.

    Help Text (solace.com)

    Best Regards,

    Paul