How Solace makes an OAuth Token Call to APIGW

Recently, there was a concern from APIGW team that Solace is making more OAuth token calls than expected, which is impacting their license cost directly.

Upon checking in details, it was found that the token expiry value was set to 900 by default at Solace. However, the token lifetime was set to 3600 from APIGW end.

Therefore, we had increased the token expiry value to 3600 at Solace. But still APIGW team could observe there is no change in the token calls made.

So, would like to know whether Solace reuses the token for the specified time and how

image.png967×294 14.8 KB

this whole connectivity works

Solace version : 10.4.1.121

image.png967×294 14.8 KB

Hey @Dhanusri , I’m pretty sure OAuth token refresh is configured within the applications. So maybe you need to check with your app teams why they’re refreshing so frequently? Defining Client Authentication Info (solace.com)

Hi @Aaron , It is Solace broker who is using the OAuth details of APIGW inside the RDP configured.

I believe the above comments from your end is wrt the clients connecting to the Solace broker using OAuth Authentication.

Hi @Dhanusri , 900 seconds is the default if the token endpoint of the authorization server does not return an expiry time. This is configurable; here is the link to the command.

Help Text (solace.com)

Best Regards,

Paul