We are using Atlassian Jira Service Management to create ticket using Rest API’s where we have OAuth 2.0 authentication mechanism.
We have created Application, client id, client secret using document:
This was working perfectly fine until we don’t have Rotating refresh token.
Issue started since Rotating refresh token feature is live.
- Using offline access, we receive both access token and refresh token.
- But when access token expires after some time, we exchange refresh token (that we received in step#1) to get access token (may be after 1hour)
- We receive “error_description”: “Unknown or invalid refresh token.”
Unable to generate OAUTH Access token from refresh token ,Refresh token keeps expiring.
“error_description”: “Unknown or invalid refresh token.”
Also we could see that the option to configure the rotating refresh tokens Inactivity expiry time, Absolute expiry time, Reuse interval or leeway are missing.
These are not present where we create the application. The links in those tables take us to auth0 documentation.
Is auth0 is used internally in Jira? If yes, how can we access auth0 to change the setting, if possible share URL for auth0 for our instance: https://sailpointbhushan.atlassian.net/