<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content

Use OAuth2 with Refresh Token - SCIM Integration

API Access Management
Okta Classic Engine
Okta Identity Engine

Overview

A bearer token that is used to establish a SCIM connection may expire if a SCIM operation is performed at a later date. As an admin, is desired to have the connection alive without updating the SCIM configuration in Okta.

Applies To

  • OAuth2
  • SCIM
  • Provisioning

Cause

An access token has a limited lifetime as per the OAuth2 specification.

Solution

If the authorization server supports refreshing tokens, append the offline_access scope to the authorize endpoint URL.

Integration 



If additional scopes are to be requested, add them to the authorize URL, separated by a space.

Integration 

NOTE: Tokens will be refreshed only if a SCIM operation is performed. If the refresh token expires, a new bearer token must be supplied.

Loading
Okta Support - Use OAuth2 with Refresh Token - SCIM Integration