Note |
---|
BSN.cloud is changing its authorization server to be able to support SSO and other security features requested by customers, and our access and refresh token lifetimes will be changing because of this. Access tokens will have a 5 minute lifetime. Refresh tokens will have a 30 minute lifetime. Session lifetime will be 12 hours. You must ensure that all of your applications and/or scripts are correctly handling and refreshing these tokens or you may find that they stop working correctly. All customers will be notified in advance of this change so that they have time to check and prepare their applications and scripts. |
...
The following flow diagram shows this flow:
...
1. The client application authenticates with the BSN.cloud token endpoint by providing the credentials.
2. If the credentials are valid, an access token and a refresh token are returned in the result.
3. The client application makes an API call and must pass the access token.
4. The API component validates the access token and allows access to the resource.
5. Steps 3 and 4 can continue until the access token expires and the API signals this by returning an error response (this will be a `401` or `403` status code).
6. When the access token expires, the client application requests a new access token by providing the refresh token.
7. The BSN.cloud token endpoint then issues a new access token and a new refresh token.
8. Steps 3 through 7 repeat until the refresh token expires.
9. When the refresh token expires, or is revoked, or the current session ends, the client needs to re-authenticate with the authentication server once again and the flow repeats from step 1.
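The client side of steps 1 through 9, as an added example that is not BrightSign's code: `TokenClient` retries once after a `401`/`403`, stores both tokens returned by a refresh, and falls back to re-authentication when the refresh fails. The `authenticate`, `refresh` and `call` callables and the `AuthExpired` exception are hypothetical names; `FakeServer` is a constructed stand-in with a manual clock that uses the lifetimes from the note and assumes token expiry is capped at the end of the session.

```python
class AuthExpired(Exception):
    """Refresh token expired or revoked, or the session ended."""

class TokenClient:
    # authenticate/refresh/call: hypothetical caller-supplied callables, not BSN.cloud API names.
    def __init__(self, authenticate, refresh, call):
        self._authenticate, self._refresh, self._call = authenticate, refresh, call
        self._access = self._refresh_token = None

    def _renew(self):
        try:  # steps 6-7: keep BOTH returned tokens, the refresh token changes too
            self._access, self._refresh_token = self._refresh(self._refresh_token)
        except AuthExpired:  # step 9: start again from step 1
            self._access, self._refresh_token = self._authenticate()

    def request(self, req):
        if self._access is None:  # steps 1-2
            self._access, self._refresh_token = self._authenticate()
        status, body = self._call(self._access, req)  # steps 3-4
        if status in (401, 403):  # step 5: expiry signal; retry once only, never loop
            self._renew()
            status, body = self._call(self._access, req)
        return status, body

class FakeServer:
    """Constructed stand-in for token endpoint + API, using the lifetimes in the note."""
    ACCESS, REFRESH, SESSION = 5 * 60, 30 * 60, 12 * 3600
    def __init__(self):
        self.now, self.logins, self.n = 0, 0, 0  # manual clock (seconds), counters
        self.access, self.refresh = {}, {}  # token -> expiry / (expiry, session end)

    def _issue(self, session_end):
        self.n += 1
        a, r = f"a{self.n}", f"r{self.n}"
        self.access[a] = min(self.now + self.ACCESS, session_end)
        self.refresh[r] = (min(self.now + self.REFRESH, session_end), session_end)
        return a, r

    def authenticate(self):
        self.logins += 1
        return self._issue(self.now + self.SESSION)

    def do_refresh(self, r):
        expiry, session_end = self.refresh.get(r, (0, 0))  # unknown token: treated as revoked
        if self.now >= expiry:
            raise AuthExpired
        return self._issue(session_end)

    def call(self, a, req):
        return (200, req) if self.now < self.access.get(a, 0) else (401, None)
```

A `403` that persists after the single retry is returned to the caller, since it then indicates a real authorization failure and not an expired token.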
...