Pun Mum Wed 7 Mar 2018
Hi All,
I have a query on SCRAM authentication mechanism.
At last step, after successful completion of authentication, Bearer Token is issued to Haystack client by Haystack server. Generation of Bearer Token is implementation specific.
Haystack client should send this Bearer Token to Haystack server for all subsequent Haystack op execution.
Queries:
When will this Bearer Token expire? I assume this is implementation specific and expiry time can be anything (e.g. 30 min, 1 day, etc.)
Once expired, how will token be renewed? Is it necessary for Haystack client to start authentication mechanism again? Or is there any other mechanism/concept defined in Haystack?
Thanks.
Brian Frank Wed 7 Mar 2018
The Bearer token can be expired or canceled at will whenever your server wants. When that happens you return 401 to challenge the client. It doesn't really matter whether there is no bearer token, a fake bearer token, or an expired bearer token - from the server's perspective the client doesn't have a valid token and issues the 401 challenge.
Clients should always be prepared to deal with a 401 and re-authenticate.
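The behaviour described in the answer above, sketched as an added example (not part of the original thread and not Project Haystack code): a server that answers 401 for a missing, fake or expired token alike, and a client that re-authenticates and retries once. `FakeServer`, `Client`, `login` and `op` are hypothetical names, the TTL and clock are constructed, and the SCRAM handshake is reduced to a single call.

```python
import secrets


class FakeServer:
    """Constructed in-memory stand-in for a Haystack server (assumption, not real code)."""

    def __init__(self, ttl=30):
        self.ttl = ttl        # token lifetime; the server is free to choose any value
        self.now = 0          # fake clock so the example runs offline
        self.tokens = {}      # token -> expiry time

    def login(self):
        # Stands in for the whole SCRAM exchange; only its result (a token) matters here.
        token = secrets.token_urlsafe(16)
        self.tokens[token] = self.now + self.ttl
        return token

    def op(self, name, token):
        # Missing, fake and expired tokens are indistinguishable: all get a 401.
        if self.tokens.get(token, -1) <= self.now:
            self.tokens.pop(token, None)
            return 401, None
        return 200, f"{name} ok"


class Client:
    def __init__(self, server):
        self.server = server
        self.token = None
        self.logins = 0       # counts full authentications, for inspection

    def _authenticate(self):
        self.token = self.server.login()
        self.logins += 1

    def call(self, name):
        if self.token is None:
            self._authenticate()
        status, body = self.server.op(name, self.token)
        if status == 401:
            # Token expired or was cancelled server-side: authenticate again and
            # retry exactly once, so a persistent 401 cannot cause a login loop.
            self._authenticate()
            status, body = self.server.op(name, self.token)
        if status != 200:
            raise PermissionError(f"{name} failed with HTTP {status}")
        return body
```

The single bounded retry is deliberate: a second 401 directly after a fresh login points to a credential or server problem, not an expired token.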