We recently migrated onto 7.2.2 version. When authenticating using OAuth2 with grant type authorization code, we get a warning regarding the refresh token being truncated because exceeds the length in the DB (512). Now, when making subsequent requests we get an error in the response because of the refresh token not being correct. I have seen that the access token column length in DB is set to 4000, why the refresh token is set to be max 512? Could anyone let us know if this is a bug or is correct as per any OAuth2 spec? I have not found anything about this.
The following is the warn message I can see when accessing the protected resource, the first time :
"Property pyRefreshToken has been truncated in its database column; the maximum column length is 512 but the property (length 1144) has ..."
Yes, this is an OOTB column and the size does match the DDL script - already having a meeting with engineering in order to double check why the size is set to be so small as there are no specific requirements on refresh token size.