We’re in the need of issuing access tokens with a longer lifespan than desired, for a legacy CLI application. We’re using the
admin-cli client and for obtaining the token we’re using the Resource Owner Credentials flow, using the following request:
POST https://keycloak/auth/realms/myrealm/protocol/openid-connect/token Accept: application/json Content-Type: application/x-www-form-urlencoded grant_type=password&client_id=admin-cli&username=user&password=password
In order to have that longer lifespan, we have set “Access Token Lifespan” under the
admin-cli advanced settings to 70 minutes.
Those tokens work for interacting with the REST API without any problems until hitting the 30/35 minutes since token issuing. After that, we’re constantly getting 401 Unauthorized errors.
What are we missing in understanding how the “Access Token Lifespan” works? Any other setting that might be getting in our way?
Thanks in advance.