I have been running longer tests with Xibo CMS 4.0.2 API and I have noticed the access token is expiring early approximately 52 minutes instead of 60 minutes (3600 seconds) specified in authorize response (/api/authorize/access_token).
I am able to reproduce using Postman by making authorization call, setting an alarm for 50 minutes, then submitting a get Campaigns calls when alarm goes off. Around 52 minutes from original authorize call I receive same access denied error.
Yes, I can capture error and renew access token early but I shouldn’t have too.
The specific error message returned is:
{
“error”: “access_denied”,
“error_description”: “The resource owner or authorization server denied the request.”,
“hint”: “Access token has been revoked”,
“message”: “The resource owner or authorization server denied the request.”
}
We put tokens into a cache so that they can be revoked ahead of their expiry date, and the error hint you’re getting implies that is what is happening.
My sandbox environment uses the standard Docker install including containerized MySQL database. I upgraded my Xibo CMS from v1.18.13 to v4.0.2 vs a clean install in case that matters.
Let me know if there are specific data points or tests you’d need to investigate.