[RTFACT-14660]  Set a maximum TTL to expirable Access Token Created: 26/Jul/17  Updated: 05/Nov/18  Resolved: 05/Nov/18

Status: Resolved
Project: Artifactory Binary Repository
Component/s: None
Affects Version/s: None
Fix Version/s: 6.5.0

Type: New Feature Priority: High
Reporter: Guy Cohen Assignee: Or Gat
Resolution: Fixed Votes: 0
Labels: Q3

Issue Links:


A non-expirable access token (when expiry is set to zero) can be revoked unlike expirable token.
Currently, expirable token has no maximum limit of expiry and cannot be revoked, hence, it will be valid until the expiration time will end.

When generating a too long value for expirable token, the request should fail with a 400 Bad Request and a clear error message about the maximum TTL.

Generated at Mon Jun 01 20:10:51 UTC 2020 using Jira 8.5.3#805003-sha1:b4933e02eaff29a49114274fe59e1f99d9d963d7.