Hi,
As per the Saviynt REST API documentation, we can generate access token using below two methods,
1. By passing username and password
2. By passing refresh token.
As per my understanding, though we are generating access token using the credentials in the first approach, it is not technically oauth flow as we aren't passing any grant type.
So if the client wants to use oauth, we had to chose the second approach. But I couldn't find any docunmentation that provide steps to reauthenticate again if the refresh token is expired.
Noticed below information in the release notes,
The OAuth 2.0 refresh tokens issued by Saviynt can be invalidated at any time, and applications that use such tokens, such as applications that use the API and older versions of Saviynt’s ServiceNow app must ensure graceful handling of such refresh token invalidation. The recommended approach to automatically and gracefully handle this is for applications to perform another authentication when encountering an invalid token error, which can be a programmatic or interactive call to the login API using either stored credentials or those prompted by a user again. In the event an application has hardcoded the refresh token, it should be updated with the re-authentication process. If such an application cannot be updated, the refresh token must be manually regenerated and updated upon refresh token invalidation
But still it doesn't clarify how I can gracefully handle the refresh token invalidation. We have also been made aware that refresh token get invalidated everytime we upgrade to newer version. Is this still the case? What is the default expiry period for refresh token? is there any way we can update that default value for the refresh token expiry period?
Regards
Lokesh
