Net core identity and expiration time for DefaultEmailProvider

Question

Since the token that was generated automatically by _userManager.GenerateEmailConfirmationTokenAsync(user) was very long, I decided to set the token creation like this:

services.AddIdentity<User, IdentityRole>(config => {
                config.SignIn.RequireConfirmedEmail = true;
                config.Tokens.EmailConfirmationTokenProvider = TokenOptions.DefaultEmailProvider;
                config.Tokens.PasswordResetTokenProvider = TokenOptions.DefaultEmailProvider;
            })
            .AddRoleManager<RoleManager<IdentityRole>>()
            .AddEntityFrameworkStores<MyDbContext>()
            .AddDefaultTokenProviders();

Now I get a 6 number code, but I'm not able to find out when this expire exactly. Looking at what should generate the token here it says: "Allow a variance of no greater than 9 minutes in either direction" but at 8 minutes the token is already expired. I'd like to know when the token expire, and if there is any way to change this expiration time.

Answer 1

Did you ever manage to fix your token expiry issue? What I've seen on the net it states the token is valid for 1 day, but my tests indicate it is only 5 minutes. I've tried the recommended fix: services.Configure<DataProtectionTokenProviderOptions>(options => options.TokenLifespan = TimeSpan.FromDays(1)); but it does not work.

EDIT: Please see this post: https://stackoverflow.com/a/63480369/15083397 Combining the above recommendation with .AddTokenProvider<DataProtectorTokenProvider<ApplicationUser>>(TokenOptions.DefaultEmailProvider); instead of .AddDefaultTokenProviders did the trick for me. It does generate a much longer token, but that's fine for me.