REST API knowledge exchange
Post Reply
mjr.epicfail
Veeam Legend
Posts: 602
Liked: 163 times
Joined: Apr 22, 2022 12:14 pm
Full Name: Danny de Heer
Contact:
Contact mjr.epicfail

VBR 13 rest api 1.3-rev1 refreshtoken lifetime

Post by mjr.epicfail »

Hi all,

Maybe im reading the docs wrong, but according to the documentation the refreshtoken lifetime should be access token lifetime plus 15 minutes.
In this case a access token has a lifetime of 15 minutes so the refreshtoken should be 30 minutes.

While testing this, I noticed that the refreshtoken is 24 hours, no matter if the property use_short_term_refresh is set to true or false

True:

Code: Select all

curl -X 'POST' \
  'https://[serverIP]:9419/api/oauth2/token' \
  -H 'accept: application/json' \
  -H 'x-api-version: 1.3-rev1' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=Password&username=[user]&password=[password]&refresh_token=string&code=string&use_short_term_refresh=true&vbr_token=string'

Code: Select all

  "exp": 1767727153,
  "iat": 1767640753,
  "nbf": 1767640753,
  "refresh_chain_id": "3683b357-d07e-42ac-a144-60615af11141",
False:

Code: Select all

curl -X 'POST' \
  'https://[serverIP]:9419/api/oauth2/token' \
  -H 'accept: application/json' \
  -H 'x-api-version: 1.3-rev1' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=Password&username=[user]&password=[password]&refresh_token=string&code=string&use_short_term_refresh=false&vbr_token=string'

Code: Select all

  "exp": 1767727251,
  "iat": 1767640851,
  "nbf": 1767640851,
  "refresh_chain_id": "e374829e-97f7-47ee-8a06-4a990e7ee6e3",
VMCE / Veeam Legend 2*
Top
david.domask
Veeam Software
Posts: 3192
Liked: 742 times
Joined: Jun 28, 2016 12:12 pm
Contact:
Contact david.domask

Re: VBR 13 rest api 1.3-rev1 refreshtoken lifetime

Post by david.domask »

Hi mjr.epicfail,

I'm seeing something similar, the use_short_term_refresh doesn't seem to affect the resulting lifetime value (though by default mine is 15 minutes for both password and refresh token grants, do you have the config parameter ️RefreshTokenLifetimeHours set by chance in registry / config files?)

Please open a support case and let Veeam Support review the behavior. Please share your case number once created, thanks!
David Domask | Product Management: Principal Analyst
Top
mjr.epicfail
Veeam Legend
Posts: 602
Liked: 163 times
Joined: Apr 22, 2022 12:14 pm
Full Name: Danny de Heer
Contact:
Contact mjr.epicfail

Re: VBR 13 rest api 1.3-rev1 refreshtoken lifetime

Post by mjr.epicfail » 1 person likes this post

Hi David,

No, its a "vannila" installation.
Im currently investiging a different issue with Support on this "test" server. Ill create a new case for investigion after that is concluded.
VMCE / Veeam Legend 2*
Top
Post Reply

Return to “REST API”



Who is online

Users browsing this forum: No registered users and 4 guests