Allow User Login Admin API to return refresh tokens #18100
Labels: A-Admin-API, A-Legacy-Auth (relates to legacy, non-MAS-based, authentication), O-Occasional, S-Minor, T-Enhancement
Imagine I have configured Synapse (legacy) SSO with
nonrefreshable_access_token_lifetime: 24h
in order to encourage admins and users to use refresh tokens.

I also have an admin tool that I have an account for, and would like to log into that account using the User Login Admin API.

Currently, I can do so and receive an access_token. But this access token will expire in 24hrs! I'd love to be able to get back a refresh token that I can use to refresh the access_token before it expires every 24hrs.

Proposal

Similar to the User Registration Admin API, we add a refresh_token body parameter to the User Login Admin API. This would then cause a refresh token to be returned in a refresh_token field in the response.

Admin tooling could then refresh the access token in order to get back a new access token with a fresh 24hr lifetime.
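
The refresh cycle the proposal describes for admin tooling, as an added example (not Synapse code and not part of the issue): a client-side token holder that refreshes shortly before expiry through the Matrix client-server endpoint /_matrix/client/v3/refresh and adopts a rotated refresh token when one is returned. It assumes the login response carries the proposed refresh_token field; TokenManager, FakeHomeserver, the post transport and all token values are hypothetical or constructed.

```python
import time
REFRESH_PATH = "/_matrix/client/v3/refresh"  # Matrix client-server refresh endpoint

class TokenManager:
    """Hypothetical helper for admin tooling: keeps an access token fresh."""
    def __init__(self, login_response, post, clock=time.time,
                 margin_s=300, default_lifetime_s=24 * 3600):
        self._post = post      # assumed transport: post(path, json_body) -> dict
        self._clock = clock    # injectable so the expiry logic runs offline
        self._margin_s = margin_s
        self._default_ms = default_lifetime_s * 1000  # the issue's 24h setting
        self._refresh_token = login_response["refresh_token"]  # proposed field
        self._store(login_response)

    def _store(self, resp):
        self._access_token = resp["access_token"]
        # A refresh response may rotate the refresh token; keep the current
        # one only when no replacement is returned.
        self._refresh_token = resp.get("refresh_token", self._refresh_token)
        lifetime_ms = resp.get("expires_in_ms", self._default_ms)
        self._expires_at = self._clock() + lifetime_ms / 1000

    def access_token(self):
        """Return a usable access token, refreshing shortly before expiry."""
        if self._clock() >= self._expires_at - self._margin_s:
            self._store(self._post(REFRESH_PATH, {"refresh_token": self._refresh_token}))
        return self._access_token

class FakeHomeserver:
    """Constructed stand-in for a homeserver: rotates tokens, rejects reuse."""
    def __init__(self):
        self.n, self.valid_refresh = 0, "rt0"

    def post(self, path, body):
        if path != REFRESH_PATH or body["refresh_token"] != self.valid_refresh:
            raise PermissionError("unknown or already-used refresh token")
        self.n += 1
        self.valid_refresh = f"rt{self.n}"
        return {"access_token": f"at{self.n}", "expires_in_ms": 86_400_000,
                "refresh_token": self.valid_refresh}

def demo():
    now, hs = [0.0], FakeHomeserver()
    login = {"access_token": "at0", "refresh_token": "rt0"}  # constructed values
    tm = TokenManager(login, hs.post, clock=lambda: now[0])
    first = tm.access_token()
    now[0] = 24 * 3600 - 60  # one minute before expiry, inside the margin
    return first, tm.access_token(), hs.n
```

Because each refresh can invalidate the previous refresh token, tooling that runs more than one process should share a single token holder rather than refreshing independently.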