Access token ttl based on scope

Hi, AM 7, is it possible to define ttl for oauth2 access tokens based on scope sent in the token request? suppose token endpoint has a scope A in the request then the access token issued should last for say 10 mins and when it has scope B then the access token should last for 5 mins.


Hello @pinku

Welcome, and thanks for reaching out to the Community!

I posed your question to our internal Engineers and was provided with the following document which I believe meets your requirements.

Please review and let us know if this helps your situation.

Warm Regards,


Hi Ed, Thank you very much. this is exactly what I was looking for. Have configured it too and it works perfectly setting different ttl for access token based on scope in the request.
I need to do exactly the same for refresh token… can’t find how to achieve that… issue refresh token of different ttl based on the scope in the request. a little help plz.


Is this not possible to achieve? any advice plz?

Hi @pinku,

I’ve reached out to our internal engineers regarding issuing a refresh token for a different TTL based on the scope of the request. I’ll update this thread as soon as I receive the relevant information.

Best regards,

Hi Sheila,
Any feedback, did we hear anything back for this ?


Hi Pinku,

Apologies for the delay. I’ve been consulting with our internal teams for a solution. After further discussion, we’ve concluded that managing the refresh token similarly may require a more tailored approach.
Further analysis and testing will be essential for meeting your requirements. We suggest initiating this process by creating a support ticket using the following link:

Please let me know if you have any questions.

Thank you for your patience.

Warm regards,