Self Service Token Showing Expired Event Immediately After Creation in Logs
When reviewing our logs, I've noticed that there are a few self-service events that are immediately followed by that token being expired. The users are active, and the token expiration is set to 1 hour. It doesn't seem to actually expire the password, since some of those events are followed by the user utilizing the token, but I'm curious why the logs may be reporting this. Thoughts?
You can examine the token by calling /introspect to check if the token is still active. There is an expiration date timestamp on the token to compare against the active event you see. Okta doesn't revoke the access token unless you manual call the /revoke. Could you provide some more details on the Self Service event you are performing and some examples of the logs you see?