Auth Token "expires_in" meaning?

Hi nodered experts,

May I know the meaning for the expires_in in the admin API of nodered?
I believed this is the range of time where the token will be expire, but I am not sure wether it is in minutes? hour? or days?

The 604800 means?

In addition, I want my token to never get expired, is it possible?


That value looks familiar, so my guess is, those are seconds. :face_with_monocle:

Meaning 604800 = 60 * 60 * 24 * 7, which is one week.

I see!

It is not mentioned in their documentation, I guess you are right.



A bearer token that never expires is VERY insecure.

The problem with bearer tokens is that they are used as a security feature but really they are only a convenience feature. The system must provide the security processing.

A token is fairly easy to intercept and copy. If there is no other security process and the token doesn't expire, the attacked has permanent access to the system.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.