Kevin Taylor
02/17/2023, 12:02 AMPeter Plochan
02/17/2023, 7:01 AMKevin Taylor
05/03/2023, 5:07 PMPeter Plochan
05/04/2023, 6:52 AMoffline_access
scope as stated in the specification or it can just issue the refresh token any time. We do not support exceptions for individual provider types, so it is possible that this offline_access
scope won’t work in the Google Workspace.
• Because the frontend in the CN can call the backend (REST APIs) multiple times in parallel and the backend does the “refresh”, we do not recommend to limit the number of refresh tokens or the number of their usages. This can cause that the session (ID token) won’t be properly refreshed. In the Google Workspace, I have found “There are limits on the number of refresh tokens that are issued: one limit per client/user combination, and another per user across all clients. If your application requests too many refresh tokens, it may run into these limits, in which case older refresh tokens stop working.” statement, so I recommend to set this number to a higher value (e.g. 10 refresh tokens per user/client combination).
I hope this will help. If you have any other question, feel free to ask.