[mitreid-connect] obtaining a refresh token ....

Steven Carmody steven_carmody at brown.edu
Tue Jan 3 15:53:24 EST 2017


Hi,

The server isn't returning a refresh token along with my access token, 
and I'm not sure what I'm doing wrong. Here's what I'm doing:

1) I went to the server admin GUI, created my new client, clicked EDIT 
on that client, clicked the Tokens tab, clicked "Refresh tokens are 
issued for this client", and SAVED.

2) Just to be extra safe, I clicked "System Scopes" in the left nav bar, 
clicked offline access, clicked "default scope Newly-created clients get 
this scope by default?", adding it to the default set.

3) My program POSTs this data to the /token endpoint:

code=k36dJT&redirect_uri=http%3A%2F%2Fstc-test21.cis.brown.edu%2FOAuth2%2Fclient-oauth2.php&scope=profile+offline_access&grant_type=authorization_code&client_id=stc-test21-client

4) I get back an access token, only ...

{"access_token":"eyJraWQiO ... 
RJwHAg","token_type":"Bearer","expires_in":3599,"scope":"profile"}

btw, in my browser window I'm only asked to approve

	 basic profile information

thanks for any suggestions !


More information about the mitreid-connect mailing list