This is not the latest version of this document; to access the latest version, click here.
Unofficial Content

Configures the time in seconds that an access_code will remain active.


"Access code expires" (&GAMSecurityPolicy.OAuthAccessCodeExpire) is a GAM Security Policy property that allows you to set the time in seconds that an access_code will remain active.

It can't be 0, by default, this property is set to 180 seconds.

It defines the maximum time (seconds) that a Client application has to log into the Identity Provider (IDP), it is the time that can elapse from the time the user enters the credentials until it finishes getting the access_token in the client. 

In the Standard OAuth 2.0 flow, the access code (code) is provided by the Identity Provider (IDP) to the Client Application when the user's credentials are validated in the IDP (signin step), then this access code is sent by the Client Application in the request to the IDP to obtain an access_token (access_token step) and complete the login. The access code is a valid for a single use. 
If a value is specified for the “Access code expires” (&GAMSecurityPolicy.OauthAccessCodeExpire) property, the authentication flow must be completed before the time stipulated in this property. 


The way to use it in GeneXus code (by using the GAM API) is the following:

&GAMSecurityPolicy.OAuthAccessCodeExpire = 180 //seconds

See Also

GAM - OAuth 2.0 Endpoints to use GAM as Web IDP Server

HowTo: Use OAuth 2.0 Endpoints to authenticate with GAM as REST IDP Server

GAM - OAuth 2.0 Authentication Type


Last update: April 2024 | © GeneXus. All rights reserved. GeneXus Powered by Globant