Tags: wso2, wso2-api-manager

WSO2 API Manager (wso2am-4.1.0) - Initial Access Token Getting Revoked When Another Token Gets Generated With the Same Credentials


I am using wso2am-4.1.0 and I have come across the following issue.

  1. Generate an access token. (JWT token gets generated)
  2. Pass it in the header in an API call.
  3. API responds successfully with 200 OK.
  4. Generate a new access token.
  5. Try the API with the previous token.
  6. API fails with 401 unauthorized.

It seems the initial token gets revoked when another token gets generated using the same credentials, irrespective of the expiry time set to 1h. I tried to resolve this issue by adding the below configuration to the deployment.toml, but it did not resolve the issue.

[oauth.jwt.renew_token_without_revoking_existing]
enable = true
allowed_grant_types = ["client_credentials", "password"]

A direction to resolve this issue is much appreciated. Thanks in advance.
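A way to run the six steps above as a repeatable check against a local install, added here as an example (it is not code from the original post or from WSO2). The token endpoint, the API path and the client credentials are assumptions or placeholders; reproduce() takes the two HTTP calls as parameters, so the same check can run offline against stand-ins.

```python
import base64
import json
import ssl
import urllib.error
import urllib.parse
import urllib.request

# Assumed defaults for a local wso2am-4.1.0 install; adjust to your deployment.
TOKEN_URL = "https://localhost:9443/oauth2/token"
API_URL = "https://localhost:8243/pizzashack/1.0.0/menu"  # hypothetical API path
CLIENT_ID, CLIENT_SECRET = "<consumer-key>", "<consumer-secret>"  # placeholders


def jwt_claims(token):
    """Decode the JWT payload for inspection only (no signature verification)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def unsigned_jwt(claims):
    """Build a constructed header.payload. token; used only for offline simulation."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return enc({"alg": "none"}) + "." + enc(claims) + "."


def fetch_token(ctx=None):
    """Client-credentials grant against the assumed token endpoint."""
    data = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    req = urllib.request.Request(TOKEN_URL, data=data, headers={"Authorization": "Basic " + basic})
    with urllib.request.urlopen(req, context=ctx) as r:
        return json.loads(r.read())["access_token"]


def call_api(token, ctx=None):
    """Call the API with a bearer token and return the HTTP status code."""
    req = urllib.request.Request(API_URL, headers={"Authorization": "Bearer " + token})
    try:
        with urllib.request.urlopen(req, context=ctx) as r:
            return r.getcode()
    except urllib.error.HTTPError as e:
        return e.code


def reproduce(get_token, api):
    """Steps 1-6: does issuing a second token invalidate the first one?"""
    first = get_token()
    before = api(first)
    second = get_token()
    after = api(first)
    return {"jti_first": jwt_claims(first).get("jti"), "jti_second": jwt_claims(second).get("jti"),
            "status_before": before, "status_after": after,
            "revoked_on_reissue": before == 200 and after == 401}


if __name__ == "__main__":
    ctx = ssl._create_unverified_context()  # default install ships a self-signed certificate
    print(reproduce(fetch_token, call_api))
```

A result with revoked_on_reissue set to True reproduces the reported behaviour; after the configuration change takes effect, the same run should report False with both tokens still accepted.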


Solution

  • The mentioned configuration was introduced to WSO2 API Manager 4.1.0 with an update, which can be downloaded by paid subscribers. If you are an open-source user, this option is available by default from WSO2 API Manager 4.3.0 (see oauth.jwt.renew_token_without_revoking_existing).