Hello All,
I have a doubt regarding the cache policies and how they can be used for caching the OAuth token. I am working on an API to connect to SuccessFactors and I am using OAuth as the authentication. Here is the high-level overview/sequence of policies in the Pre-Flow of the Target EndPoint:
1. KeyValueMapOperations
2. LookupCache
3. GenerateSAMLAssertion (with policies for encoding)
4. AssignMessage (creating Request before call to get token)
5. ServiceCallout
6. RaiseFault
7. ExtractVariables (to fetch token and expiry time)
8. PopulateCache
After this I have included “AssignMessage” in the PostFlow to set the Authorization Header before making the call to access the resource.
This setup is working fine in general, but the consumer of this API has reported that they sometimes get the following error:
[LGN0022]The access token has expired. The token was issued at 4/23/24 8:45 AM and expired at 4/24/24 8:45 AM. Please use the “new_token” parameter to generate a new token.
My understanding is that this issue might be occurring when the token which is used from the cache has expired before the call is made to SuccessFactors. But ideally, this should happen only once throughout the duration set by the “TimeoutInSec” parameter of the PopulateCache policy. Is this understanding correct?
Also, how does the “TimeoutInSec” parameter work in general? Does its value automatically decrease after every run of the API? And should I reduce the value of “expires_in” by 60-90 seconds before setting it in ExpirySettings in the PopulateCache policy? Or, in general, what should be done to avoid the error caused by token expiry?
I am not able to simulate this error as the token is valid for 24 hours and the API works fine without any errors during testing, e.g. with Postman. Any help would be appreciated. Thanks!
Regards,
Faisal
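
The expiry race the post asks about, modeled in JavaScript as an added example that is not part of the original post: it compares caching the token for the full `expires_in` with caching it for `expires_in` minus a margin. The function names, latencies and request times are constructed, and the model assumes a cache entry's lifetime counts from the moment it is written.

```javascript
// Added example, not from the original post. All names and numbers are constructed.
// Assumption: a cache entry's lifetime counts from the moment it is written.

// TTL to store with the token: expires_in minus a safety margin, never negative.
function cacheTtl(expiresInSec, skewSec) {
  return Math.max(0, Math.floor(expiresInSec) - skewSec);
}

// Replays request arrival times (seconds) against a single-entry token cache and
// records requests that reach the backend with a token past its server-side expiry.
function simulate({ expiresInSec, skewSec, fetchLatencySec, callLatencySec, requestTimes }) {
  let cached = null;            // { serverExpiry, cacheExpiry }
  let issued = 0;
  const expiredAt = [];
  for (const t of requestTimes) {
    let now = t;
    if (!cached || now >= cached.cacheExpiry) {
      // Cache miss: the token server stamps the issue time now, the response
      // arrives fetchLatencySec later, and only then is the cache written.
      const serverExpiry = now + expiresInSec;
      now += fetchLatencySec;
      cached = { serverExpiry, cacheExpiry: now + cacheTtl(expiresInSec, skewSec) };
      issued++;
    }
    // The backend checks the token when the call arrives, not when it was read.
    if (now + callLatencySec >= cached.serverExpiry) expiredAt.push(t);
  }
  return { issued, expiredAt };
}

// Constructed timeline: 24 h token, requests clustered around the expiry instant.
const timeline = {
  expiresInSec: 86400, fetchLatencySec: 2, callLatencySec: 1,
  requestTimes: [0, 43200, 86399, 86401, 86405],
};
const noMargin = simulate({ ...timeline, skewSec: 0 });
const withMargin = simulate({ ...timeline, skewSec: 90 });
console.log(noMargin, withMargin);
```

In this constructed timeline the run without a margin sends two requests with an expired token, while the run with a 90-second margin sends none and fetches the same number of tokens.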