EXTENDED OAUTH ARCHITECTURE SUPPORT IN A SCALABLE ENVIRONMENT

摘要

An approach is provided for sharing valid token(s) across application instances. If refresh token rotation is used, (i) a token request is received which includes a number of tokens required, (ii) access and refresh token pairs are generated and shared so that a total number of the pairs equals the number of tokens, and (iii) the access and refresh token pairs are sent to a client so that in response to token requests, the application instances obtain respective access and refresh token pairs. If refresh token rotation is not used, (iv) a request for a refresh token is received, (v) an existing access token is validated, where the access token is bound to the refresh token, and (vi) if the existing access token is expired, a new access token is generated and sent to the client; otherwise, the existing access token is sent to the client.