Open Closed

Disable call refresh token and catch error #2762

User avatar
0
huantb1812@gmail.com created

If you're creating a bug/problem report, please include the followings:

  • ABP Framework version: v3.3.2
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

Hi, I have two questions there are:

  1. how to disable call API refresh token on the client?
  2. how to catch the response of request refresh token? this request is called auto.
Go to accepted answer
4 Answer(s)
  • User Avatar
    0
    gterdem created
    Senior .NET Developer
    1. Considering you are using default Authorization Code with PKCE flow, remove offline_access scope from oidc configuration located at environment.ts file.
    2. I don't understand what do you mean by catch the response of request refresh token but if you disable refresh token, this step will be obsolete.
  • User Avatar
    0
    nhontran created

    Hi @gterdem, we have removed the "offline_access" scope from Angular UI and disabled the "allow offline access" in IS4. However, the Angular still sends the refresh token request to IS4 and got 400 error.

    so, may I know how to stop the UI to trigger the "refresh token" request?

    Regarding the 2nd question, is it possible to catch the "refresh token" trigger event from Angular side?

  • User Avatar
    0
    nhontran created

    Hi @gterdem, any update on this?

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    Sorry, this issue seems IdentityServer specific and out of my expertise. Please also try asking to IdentityServer github issues or stackoverflow.

Assignee
User avatar gterdem
Labels
None yet
Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11