Use OAuth2 with Refresh Token - SCIM Integration
Last Updated:
Overview
A bearer token that is used to establish a SCIM connection may expire if a SCIM operation is performed at a later date. As an admin, is desired to have the connection alive without updating the SCIM configuration in Okta.
Applies To
- OAuth2
- SCIM
- Provisioning
Cause
An access token has a limited lifetime as per the OAuth2 specification.
Solution
If the authorization server supports refreshing tokens, append the offline_access scope to the authorize endpoint URL.
If additional scopes are to be requested, add them to the authorize URL, separated by a space.
NOTE: Tokens will be refreshed only if a SCIM operation is performed. If the refresh token expires, a new bearer token must be supplied.
