May I know the meaning for the expires_in in the admin API of nodered?
I believed this is the range of time where the token will be expire, but I am not sure wether it is in minutes? hour? or days?
A bearer token that never expires is VERY insecure.
The problem with bearer tokens is that they are used as a security feature but really they are only a convenience feature. The system must provide the security processing.
A token is fairly easy to intercept and copy. If there is no other security process and the token doesn't expire, the attacked has permanent access to the system.