RDP API - Tokens
Hello Team,
Kindly review the below questions from RDP API client regarding authorization and advise:
Client Query: We have a question about the `Session quota is reached` error. We would like to authorize multiple instances of the application. But your authorization server rejects the request if we try to make a request without the `takeExclusiveSignOnControl` parameter. The API formally allows us to get multiple tokens, but in reality, we can't get more than one. And we would like to get a more extensive explanation (than in documentation) on the semantics of the 'Session quota is reached' error (under what circumstances it occurs and why we get this error when the first request to /auth/token).
Your documentation says that the `takeExclusiveSignOnControl` parameter is not a required parameter:
> The parameter, takeExclusiveSignOnControl, may be set to true ONLY if application sending authorization request needs all other sessions/applications to be logged out. Here are a couple of use cases when takeExclusiveSignOnControl must be set to true: Refresh token has been lost or invalid resulting in errors like: {"error":"access_denied" ,"error_description":"Session quota is reached." }
But your API rejects authorization without this parameter.
This is the list of questions:
1. What is `session quota`?
2. How is it measured?
3. How much quota do we have (per account/application, mb per day)?.
4. Can this value be changed (increased)?
6. Can I disable the quota for certain applications?
7. Why does authorization fail if the request does not include the `takeExclusiveSignOnControl=true` parameter?
8. How does `session quota` affect other applications from our account? Do all applications have the same quota?
9. Does logging into a website also affect the quota?
Thanks and Regards,
Nitesh.
Online Solutions Team
Best Answer
-
Session quota indicates that the client is not allowed to get any more access tokens for same set of credentials, without kicking another application off. If the multiple apps are being used, and there is no mechanism to share the access/refresh tokens, it is fine to use the takeExclusiveSignOnControl parameter and get a new token each time, using the password grant.
There is no means to disable/change session quota and it is not per application. If the requirement is to have multiple concurrent applications, then multiple credentials should be used.
0
Categories
- All Categories
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 684 Datastream
- 1.4K DSS
- 613 Eikon COM
- 5.2K Eikon Data APIs
- 10 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 248 ETA
- 552 WebSocket API
- 37 FX Venues
- 14 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 23 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 275 Open PermID
- 44 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 22 RDMS
- 1.9K Refinitiv Data Platform
- 630 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 26 DACS Station
- 121 Open DACS
- 1.1K RFA
- 104 UPA
- 191 TREP Infrastructure
- 228 TRKD
- 915 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 86 Workspace SDK
- 11 Element Framework
- 5 Grid
- 18 World-Check Data File
- 1 Yield Book Analytics
- 46 中文论坛
