cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is only one refresh token supported?

Former Member

on ‎06-10-2019 5:24 AM - last edited on ‎02-04-2024 2:16 AM by

0 Kudos

Hi SAP,

For OAuth 2.0 authentication in S4HANA Cloud, the access token and refresh token can be retrieved by sending request to https://myxxxxxx-api.s4hana.ondemand.com/sap/bc/sec/oauth2/token.

In our test, there are two requests sent to there with the same credential and client id, as a result, we receive two pair of tokens. During the testing, we observed that the first access token and the second access token are working fine, but the first refresh token is changed to invalid, and only the second refresh token works. It looks like the second refresh token overrides the first one.

So just wondering if there is a limit to refresh token where only one is allowed. Can you please help me with that? Thanks.

Regards,
Xinmin

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Enda
Product and Topic Expert
Product and Topic Expert
‎08-28-2019 4:11 PM
0 Kudos

Hi Xinmin ,

Please check the online resources and blogs :

https://blogs.sap.com/2014/07/11/issues-with-csrf-token-and-how-to-solve-them/

https://help.sap.com/viewer/753088fc00704d0a80e7fbd6803c8adb/7.4.22/en-US/5574ed6c93654ee4999b4d07cd...

If you still have any questions , please let us know.

Best Regards

Enda

Show replies
Show replies
Ask a Question