Hi All,
I have the following setup:
Client: AngularJS Web App
Server: ASP.NET Web API
In the server I use the IdentityFramework3 to authenticate users on my AngularJS Client that has the (oidc-token-manager) configured.
Currently I'm setting the AbsoluteRefreshTokenLifetime to 48 hours for my Client MyAngularJsApp like so:
new Client
{
Enabled = true,
ClientId = MyAngularJsApp.Id,
ClientUri = MyAngularJsApp.Uri,
ClientName = MyAngularJsApp.Name,
Flow = Flows.Implicit,
AllowAccessToAllScopes = true,
IdentityTokenLifetime = 300,
AccessTokenLifetime = 3600,
RefreshTokenExpiration = TokenExpiration.Absolute,
RefreshTokenUsage = TokenUsage.ReUse,
AbsoluteRefreshTokenLifetime = TimeSpan.FromDays(2).Seconds,
RequireConsent = false,
RedirectUris = new List<string>
{
MyAngularJsApp.Uri + "/assets/idSrv/callback.html",
MyAngularJsApp.Uri + "/assets/idSrv/silentrefreshframe.html"
},
PostLogoutRedirectUris = new List<string>
{
MyAngularJsApp.Uri + "/index.html"
}
},There is one specific user that will log into my client that I want to set his Refresh Token to last 100 days so that the user does not have to Authenticate in 100 days
AbsoluteRefreshTokenLifetime = TimeSpan.FromDays(100).Seconds,
How do I make it so that only this user has this refresh token lifetime?