The article addresses the scenario/use case for handling the need to change the access token and ID token lifetime of the Okta dashboard.
- OpenID Connect/OAuth 2.0 applications
- API Access Management
- JWT
- Org Authorization Server
- Custom Authorization Server
- Default Custom Authorization Server
- Access Token and ID Token
Current functionality does not include the ability to change the access token or ID token lifetime of the Okta dashboard. This is because the authorize and token request for the Okta dashboard is integrated with the Org Authorization Server, and the Org Authorization Server has preset token lifetimes for access, ID tokens, and refresh tokens.
For more information on token lifetime for different authorization servers, see Token lifetime.
The Okta dashboard is the Okta-specific application configured to use the Org Authorization Server for its token requests. Therefore, it cannot configured to use a custom authorization server for the same. Only the token lifetime can be changed for a custom authorization server; however, it is preset for the org authorization server.
The authorize request and token request for the Okta dashboard can be observed by checking it under the browser HAR logs:
Related References
