How to specify refresh tokens lifespan in Keycloak

oauth-2.0 access-token openid-connect keycloak refresh-token
rok picture rok · Aug 27, 2018 · Viewed 9.4k times · Source

Keycloak refresh token lifetime is 1800 seconds:

"refresh_expires_in": 1800

How to specify different default expiry time? In Keycloak admin ui, only access token lifespan can be specified:

enter image description here

Answer

Erik Tribou picture Erik Tribou · Feb 13, 2019

The refresh token lifetime is controlled by the SSO Session Idle Setting. 30 minutes = 30 * 60 = 1800 seconds (the refresh_expires_in value)

Related questions

Clarification on id_token vs access_token

I'm building a system with OIDC and OAuth 2.0 (using Auth0), and I'm unsure how to properly use the id_token and access_token. Or rather, I'm confused about which roles to assign to the various services in my setup. I …

Read More
How to refresh token with Google API client?

I've been playing around with the Google Analytics API (V3) and have run into som errors. Firstly, everything is set up correct and worked with my testing account. But when I want to grab data from another profile ID (Same …

Read More
Request new access token using refresh token in username-password grant in Spring Security OAuth2

We're using the username-password grant to obtain an access token from our auth server. We want to refresh the access token before it expires using the provided refresh token until the user logs out or closes the client app. However …

Read More