Hi nodered experts,
May I know the meaning for the expires_in in the admin API of nodered?
I believed this is the range of time where the token will be expire, but I am not sure wether it is in minutes? hour? or days?
The 604800 means?
In addition, I want my token to never get expired, is it possible?
Regards,
Henjoe
That value looks familiar, so my guess is, those are seconds. 
Meaning 604800 = 60 * 60 * 24 * 7, which is one week.
I see!
It is not mentioned in their documentation, I guess you are right.
Thanks!
Regards,
Henjoe
A bearer token that never expires is VERY insecure.
The problem with bearer tokens is that they are used as a security feature but really they are only a convenience feature. The system must provide the security processing.
A token is fairly easy to intercept and copy. If there is no other security process and the token doesn't expire, the attacked has permanent access to the system.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy
