Details

    • Type: New Feature
    • Status: Resolved
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.5.0
    • Component/s: None
    • Labels:

      Description

      A non-expirable access token (when expiry is set to zero) can be revoked unlike expirable token.
      Currently, expirable token has no maximum limit of expiry and cannot be revoked, hence, it will be valid until the expiration time will end.

      When generating a too long value for expirable token, the request should fail with a 400 Bad Request and a clear error message about the maximum TTL.

        Attachments

          Activity

            People

            • Assignee:
              orga Or Gat
              Reporter:
              guyco Guy Cohen
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: