Open karpikpl opened 2 years ago
I've been looking at https://github.com/Azure/api-management-policy-snippets/blob/47a03189f4fd75563ae2c234a13510dd6e23e6db/examples/Get%20OAuth2%20access%20token%20from%20AAD%20and%20forward%20it%20to%20the%20backend.policy.xml#L23
and had a question to @mike-urnun-msft about caching and checking token expiration time.
Shouldn't OAUTH policy include those to avoid calls to AAD when still valid token could be cached?
I've been looking at https://github.com/Azure/api-management-policy-snippets/blob/47a03189f4fd75563ae2c234a13510dd6e23e6db/examples/Get%20OAuth2%20access%20token%20from%20AAD%20and%20forward%20it%20to%20the%20backend.policy.xml#L23
and had a question to @mike-urnun-msft about caching and checking token expiration time.
Shouldn't OAUTH policy include those to avoid calls to AAD when still valid token could be cached?