Asp net web api Authentication Token Expiration?

Question

Asp net web api Authentication Token Expiration?

I am an asp net web API application client using token based authentication. The structure of the token is as follows:

{ access_token: "…", token_type: "bearer", expires_in: 3599 }

obviously, it expires, and I'm currently requesting a new token with every request, which I think is not good practice, since each API request is actually 2, one for authentication and another for the actual request. So I'm trying to implement some caching of the token, but I don’t know what exactly the expires_in field expires_in , is it seconds, miliseconds?

+6

c # asp.net asp.net-web-api

Luiso Aug 3 '15 at 20:52

source share

1 answer

Enes · Accepted Answer · 2015-08-03T20:57:07+0000

See the oAuth2 protocol specification :

expires_in RECOMMENDED. The lifetime of the seconds of the access token. For example, a value of "3600" means that the access token will expire one hour after the creation of the response. If this parameter is omitted, the authorization server MUST provide expiration time using other means or document the default value.

Asp net web api Authentication Token Expiration?

More articles: