WSO2 AM access token expires after one access time

问题

I setup IS as Key Manager for API-M, then I use Postman to get the access token from IS with Client Credential Grant Type.

However, the above token can be only used for the 1st request only. I used it with the second request, I found following

It seem like the token expired after one access time. Is there any document explains about this, and what should I change ?

回答1:

The issue come from the different time set up on the servers of API-M and IS.

• With the first time the request comes, I believe that API-M trust in the result active=true received from IS, and cache the expire-in time
• For the second request comes, API-M calculates expiration of token based on expire-in and the system time of server, and indicates that it expired

回答2:

You can check IDN_OAUTH2_ACCESS_TOKEN -> TOKEN_STATE column to get an idea about actual state of access token. You can check token state before and after first request. Meanwhile can you briefly explain APIM/IS versions and nature of deployment (fully distributed, single node ... etc) ?

来源：https://stackoverflow.com/questions/55117964/wso2-am-access-token-expires-after-one-access-time