Step 2: Check Token Refresh Settings in Domains

How does token refresh work?

You have an access token and a refresh token. Both tokens have an expiry time.

In order for access tokens to be automatically refreshed, you need to enable Allow token refresh for your service instance in Oracle Cloud Services. When Allow token refresh is enabled, whenever an integration is running and the access token expires, the refresh token is used to automatically get a new access token. If an integration runs before the access token expires, the access token and refresh token are automatically refreshed. The token expiry time starts again at the maximum amount every time the tokens are refreshed.

If an integration does not run for a while, it's possible for the access token and refresh token to both expire. If that happens, you'll need to manually get a new access token.

Check Token Refresh Settings

  1. Log in to the Oracle Cloud Infrastructure Console with your identity domain administrator credentials and select Identity & Security, then Domains.
  2. Select your compartment, then your identity domain.
  3. In the navigation bar, select Oracle Cloud Services.
  4. Find and select your integration instance.

    Tip:

    Make sure the name is the same as the Service instance name you got from the Oracle Integration console.

    The Oracle Cloud Services page shows navigation links at the top Identity, Domains, Domain Name, Oracle Cloud Services. On the left hand side are the navigation menus: Overview, Users, Groups, Dynamic groups, Integrated applications, Oracle Cloud Services, Jobs, Reports, Security, Settings, Notification, Branding. On the main page, there is a search box with ua as the value and below that the corresponding Oracle Integration instance ua-oic35.

  5. In your Oracle Integration instance details, select OAuth Configuration, and make sure Allow token refresh: allowed.

    Oracle Cloud Services page for a specific Oracle Integration instance with the fields Access token expiration, Allow token refresh, Refresh token expiration highlighted.

    If you don't see Allow token refresh: allowed, select Edit OAuth configuration and make sure the setting is checked.

  6. Configure token refresh expiry (optional).

    Select Edit OAuth Configuration. You can configure access token and refresh token expiry times for your Oracle Integration instance.

    You might want to have different refresh expiry settings for development and production instances.

    To determine how to set the duration of your refresh expiry time:

    • Development environments: Determine what is the longest amount of time that you will not be running integrations. For example, do you run tests every two months? If that's the case, set your refresh token expiry time to 90 days.
    • Production environments: Determine what is the longest time interval that you think something is not going to run. For example, if you have a scheduled integration that runs every two weeks, then set your refresh token expiry to be one month.
Go to the next step Step 3: Check Token Refresh and Scope Settings in Integrated Applications