You can configure OAuth tokens to expire after a set period of
inactivity. By default, no token inactivity timeout is set.
The inactivity timeout can be either set in the OAuth server
configuration or in any of the OAuth clients. The client settings
override the OAuth server setting.
To edit the OAuth client inactivity timeout, edit the OAuth client
object: oc edit oauthclient $clientname
and set the top-level accessTokenInactivityTimeoutSeconds
attribute.
apiVersion: oauth.openshift.io/v1
grantMethod: auto
kind: OAuthClient
metadata:
...
accessTokenInactivityTimeoutSeconds: 600
For more information on configuring the OAuth clients, consult the
OpenShift documentation:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html-single/authentication_and_authorization/index#oauth-token-inactivity-timeout_configuring-internal-oauth