OAuth 2.0 client tokens are designed to be short lived and have an expiry time, however, tokens can be issued with refresh tokens. If a token has expired and it has a refresh token, you can use the Refresh an OAuth Client Access Token filter to explicitly refresh the token.
Configure the following general settings for the Refresh an OAuth Client Access Token filter:
Name:
Enter a suitable name for this filter.
Optionally use an explicit profile:
Select this option and click the browse button to explicitly select an OAuth2 client credential profile. This can be used if no preceding filter has set the application profile on the message board, or to override the existing application profile.
You can configure SSL settings, such as trusted certificates, client certificates, and ciphers on the SSL tab. For details on the fields on this tab, see the Connect to URL filter in the API Gateway User Guide.
The Settings tab allows you to configure the following additional settings:
-
Retry
-
Failure
-
Proxy
-
Redirect
-
Headers
By default, these sections are collapsed. Click a section to expand it.
For details on the fields on this tab, see the Connect to URL filter in the API Gateway User Guide.
