Rakesh Kumar
Reputation: 3149
Can we set access token to not expire?
We are using Identity Server4, the default time is access token expire is 3600 seconds. Can we set it to not expire?
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "client",
// no interactive user, use the clientid/secret for authentication
AllowedGrantTypes = GrantTypes.ClientCredentials,
// secret for authentication
ClientSecrets =
{
new Secret("secret".Sha256())
},
// scopes that client has access to
AllowedScopes = { "api1" },
AccessTokenLifetime=3600
}
};
Upvotes: 5
Views: 3730
Answers (1)
Linda Lawton - DaImTo
Reputation: 117321
Technically speaking AccessTokenLifetime is declared as an int so you could do
AccessTokenLifetime = Int32.MaxValue;
But that's really not going to be a good idea. Once the access token is created its going to continue to work I dont think you expiring it in the backed is going to work as you would like.
For the fun of it
TimeSpan t = TimeSpan.FromSeconds(Int32.MaxValue);
Console.WriteLine(t.Days);
results in a very ugly 24855 days or 68 years.
Upvotes: 3
Related Questions
- How to force expire a JWT token in ASP.Net Core?
- Set authentication token expiry in ASP.NET Core 6.0 MVC
- Set / modify the IdentityServer4's AccessTokenLifeTime value at run-time?
- Asp net Core Identity token authentication expiration
- Increase token lifespan in .net core 3.1
- Stop Expired Access Token from retrieving data from resource Server
- Identity Server 4- Setting the Access Token lifetime
- ASP.NET Core 2.0 IAuthorizationService And Expired Bearer Tokens
- Asp Core Oidc Client with IdentityServer 4 AccessToken Expire handling
- How to set the UserTokenProvider token expiration