Fixes are available
APAR status
Closed as program error.
Error description
For API Gateway, the maximum consent TTL (Time To Live) setting in OAuth Provider doesn't work properly. After reach the maximum consent TTL, users still able to call APIs using the access token, and still able to use the refresh token to request another access token.
Local fix
Problem summary
DataPower OAuth Provider may not prevent the use of access tokens and refresh tokens beyond the period of 'Maximum consent' setting.
Problem conclusion
Fix is available in 2018.4.1.14, 10.0.1.1
Temporary fix
Comments
APAR Information
APAR number
IT33923
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
A0X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-08-15
Closed date
2020-11-17
Last modified date
2020-11-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R770 PSY
UP
RA0X PSY
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"A0X"}]
Document Information
Modified date:
28 September 2021