Discussions

Wanted to run this by the iMIS developer community as I had this occur a few times on iMIS 20.3.136.136 and I can't seem to replicate as easily. Below is the latest scenario.

I called the /token endpoint at 2:55pm, 3:06pm, 3:22pm, 3:23pm, 3:24pm, and 3:38pm generating 6 access tokens by the same user with SysAdmin role. Each access token expires an hour from the time it was generated.

At 3:38pm I called /api/group using the token that was retrieved at 2:55pm and got the following message.

{"$type":"System.Web.Http.HttpError, System.Web.Http","Message":"Authorization has been denied for this request."}

If I call /api/group using the access token obtained at 3:24pm or 3:38pm it works. So I'm wondering is this a bad access token that was generated or could iMIS keep track a limited list of valid access tokens so if a new one is generated the oldest one expires?