F5, Inc.
Methods for token refreshment based on single sign-on (SSO) for federated identity environments and devices thereof

Abstract:

Methods, non-transitory computer readable media, access policy management apparatuses, and network traffic management systems that send a request received from a client to an application server along with an access token. A determination is made when a received response to the request comprises an unauthorized HyperText Transfer Protocol (HTTP) response status code. The access token is refreshed using a stored refresh token, when the determining indicates that the response is an unauthorized HTTP response status code. The request is resent to the application server along with the refreshed access token. With this technology, an intermediary access policy management apparatus can refresh access tokens automatically and without sending any unauthorized HTTP response status codes received from application servers to client devices, or requiring user re-authorization at the client devices thereby improving the user experience in single sign-on (SSO) federated identity environments.