As per the jira reported in [1<https://wso2.org/jira/browse/APIMANAGER-1656>] User can invoke an API using both previous and new access tokens even after refreshing the previous access token.
Is this the expected behavior? If this is expected there will be multiple access tokens for a given app. [1] https://wso2.org/jira/browse/APIMANAGER-1656 Thanks! -- *Ushani Balasooriya* Software Engineer - QA; WSO2 Inc; http://www.wso2.com/. Mobile; +94772636796
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev