Hi all
I have an API token and I wonder if I can extend the expiry date to a month for example
is that possible ?
Hi all
I have an API token and I wonder if I can extend the expiry date to a month for example
is that possible ?
Along the access token, you also get a refresh token which you can use to extend access tokens.
Additionally, you can set the duration access tokens are valid in the .env
variables; IIRC, it is AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME
(consult the docs).
hey @tjerman
I’ve read the docs and I only need to change this variable
AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME
it worked as expected from the API call
however when I login to the platform from the browser … it keeps redirecting me till I get too many request error
I get this from the logs
server_1 | 16:44:08.362 DEBUG redirect URI check for client is disabled (empty validation list) {"sent": "https://corteza.xxxxx.com/auth/callback"}
server_1 | 16:44:09.447 DEBUG redirect URI check for client is disabled (empty validation list) {"sent": "https://corteza.xxxxx.com/auth/callback"}
server_1 | 16:44:10.050 WARN The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client
also, I’ve changed these two variables to the same value but still same issue
AUTH_OAUTH2_ACCESS_TOKEN_LIFETIME=8760h # a year
AUTH_OAUTH2_REFRESH_TOKEN_LIFETIME=8760h # a year
AUTH_JWT_EXPIRY=8760h # a year
Hmm… what happens if you clear out the browser’s local storage? There was a period a while back where we had this strange redirect loop.
Can you remind me of what version you’re using?
Thanks; we’ll take a look and see what we can find