JWT Token has expire time in mind. You can decode second part (split by dot) and get a JSON object witch has "iat" field means expire timestamp.
Before each request, check this time and renew it when it close. On 1/24/2022 03:06,S G<[email protected]> wrote: Hello, Can anyone share if Solr JWT is something widely used in production or not? We were planning to use it, but have stumbled across a problem where the JWT token on the client side isn't refreshed automatically. So if that expires after 15 minutes, client side traffic would come to a stop unless the token is refreshed. The only way we can think right now is to maintain two clients whose token renewals are expiry-time/2 minutes apart. But this seems like a lot of complexity on the client side to implement. 1. Maintain two client objects. 2. Keep their token renewals epxiry-time/2 minutes apart. 3. Switch traffic between the client objects so that you always use the client which has a valid token. 4. Maintain 1 or 2 background threads that refresh the JWT token for each client object Even if we do this somehow on the application side, what about all the integrations like spark-solr <https://github.com/lucidworks/spark-solr>. How do integrations like that use the above token-refresh and switch traffic kind of thing? Best, SG
