How to increase the expiry date of a token?

Hi all

I have an API token and I wonder if I can extend the expiry date to a month for example
is that possible ?

Along the access token, you also get a refresh token which you can use to extend access tokens.

Additionally, you can set the duration access tokens are valid in the .env variables; IIRC, it is AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME (consult the docs).

1 Like

hey @tjerman

I’ve read the docs and I only need to change this variable
AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME

it worked as expected from the API call
however when I login to the platform from the browser … it keeps redirecting me till I get too many request error

I get this from the logs

server_1       | 16:44:08.362	DEBUG	redirect URI check for client is disabled (empty validation list)	{"sent": "https://corteza.xxxxx.com/auth/callback"}
server_1       | 16:44:09.447	DEBUG	redirect URI check for client is disabled (empty validation list)	{"sent": "https://corteza.xxxxx.com/auth/callback"}
server_1       | 16:44:10.050	WARN	The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client

also, I’ve changed these two variables to the same value but still same issue

AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME=8760h     # a year
AUTH_OAUTH2_REFRESH_TOKEN_LIFETIME=8760h     # a year
AUTH_JWT_EXPIRY=8760h     # a year

Hmm… what happens if you clear out the browser’s local storage? There was a period a while back where we had this strange redirect loop.

@tjerman
well, I already did that but same issue

also, I used a different browser but had no luck

Can you remind me of what version you’re using?

@tjerman

it’s 2022.3.4

Thanks; we’ll take a look and see what we can find

1 Like