Open Closed

Unauthorized between Microsservices call #5787

User avatar
0
douglasmolon@gmail.com created
  • ABP Framework version: v7.2.2
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace: Below
  • Steps to reproduce the issue:Below

Hello again! We've set the token generation in the AuthServer as follows in PreConfigureServices:

PreConfigure<OpenIddictServerBuilder>(builder =>
{
    builder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration));
    builder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration));
    builder.SetIssuer(new Uri(configuration["AuthServer:Authority"]));
    builder.SetAccessTokenLifetime(TimeSpan.FromMinutes(5));
    builder.SetIdentityTokenLifetime(TimeSpan.FromMinutes(5));
    builder.SetRefreshTokenLifetime(TimeSpan.FromMinutes(30));
});

And the TokenCleanup as follows in ConfigureServices:

Configure<TokenCleanupOptions>(options =>
{
    options.CleanupPeriod = 1000 * 60 * 30; // Default: 3,600,000 ms, 1 hour
    options.MinimumAuthorizationLifespan = TimeSpan.FromMinutes(30);
    options.MinimumTokenLifespan = TimeSpan.FromMinutes(30);
});

However, for some reason, the communication between microservices is returning "Unauthorized" after 10 minutes. We are unsure if the microservices request a new token with every HTTP request or if they continue using the same token until it expires and then obtain a new using refresh token. I'm afraid we might have done something wrong. Could you please enlighten us?

Go to accepted answer
4 Answer(s)
  • User Avatar
    0
    douglasmolon@gmail.com created

    Hello! Anyone, please?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    We are unsure if the microservices request a new token with every HTTP request or if they continue using the same token until it expires and then obtain a new using refresh token.

    It will request a token, cache it, and then continue to use it. refresh_token is not currently not supported.

  • User Avatar
    0
    douglasmolon@gmail.com created

    hi

    We are unsure if the microservices request a new token with every HTTP request or if they continue using the same token until it expires and then obtain a new using refresh token.

    It will request a token, cache it, and then continue to use it. refresh_token is not currently not supported.

    So, when does he know he needs a new one? Apparently it's not getting it when the first expires. If we keep the default expiration (1 hour) the problem won't occur.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Refresh_token is not currently not supported.

    You can configure the CacheAbsoluteExpiration to 9mins: https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.IdentityModel/Volo/Abp/IdentityModel/IdentityClientConfiguration.cs#L82

    It will get a new access_token in 9 minutes.

    For example:

    "IdentityClients": {
    "Default": {
      "GrantType": "client_credentials", 
      "ClientId": "BookStore_OrderService",
      "ClientSecret": "1q2w3e*",
      "Authority": "https://localhost:44322", 
      "Scope": "ProductService",
      "CacheAbsoluteExpiration": 540
    }
  }
Assignee
User avatar maliming
Labels
None yet
Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.1.0-preview. Updated on November 03, 2025, 07:01