Question
Michele De Chiffre · Sep 2

Save AccessToken OAuth2

I'm trying to save a list of AccessTokens a user for a specific user. This way I could present it together with other user-data.

I have tried calling ##class(OAuth2.Server.AccessToken).OpenByCode(authCode) from %OAuth2.Server.Authenticate's AfterAuthenticate() method. This only returns things like State and AuthorizationCode, but the AccessToken is empty at this point (afterwards it becomes filled out).

Is there a way to achieve storing the AccessToken as part of the login system?

$ZV: Cache for Windows (x86-64) 2018.1.2 (Build 309_5U) Wed Jun 12 2019 20:02:36 EDT
00
1 0 1 89
Log in or sign up to continue

Hi Michele,

Access tokens are Persistent objects so they are already stored on the server. As an administrator of an Authorization Server, you can view all of the access tokens issued to a given user like any other Persistent object stored on the server. If all you want is, at any given time, to see what access tokens are issued to a given user you can query the OAuth2.Server.AccessToken SQL table for that information.

However, if you are asking if the timing of saving an access token can be changed, you are out of luck. For all grant types other than Implicit (which is being deprecated), the actual access token can't be created until after the user logs in, so there is no way to store or present the access token as part of the login process because the access token does not yet exist at that point.

I hope this helps,
McLean