Remove expiration from JWT

torrent · 28 June 2021 16:02

I am trying to create jwt from json data. The problem is, I am using this node

and it always creates a jwt with iat (issue at) and exp (expiration) like this:

Question is: how can I remove iat and exp from jwt?

Colin · 28 June 2021 16:52

In a Change node you can Delete properties by selecting Delete.

TotallyInformation · 28 June 2021 18:36

Be careful, JWT's are meant to be short lived. Remember that they are just a convenience and not a security feature. They are really meant to be used to allow one server to hand off to another (that was the original design criteria) and as such should have timespans in minutes.

Sadly, a large number of developers have abused them but not recognised the weaknesses.

If you need session management, use a session management tool and retain JWT as the short-lived convenience token it is meant to be.

system · 27 August 2021 18:36

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to reduce the Access Token's Expiration Time from Admin Auth API? General security	1	130	22 January 2023
Create server API with Token General http-request , security	9	752	5 September 2022
Oauth refresh token, best workflow? General security	10	533	22 July 2022
Set sessionExpiryTime and require user-authentication in adminAuth General	2	700	1 May 2020
Logging out of Node-Red authentication General	2	1050	3 September 2019

Remove expiration from JWT

Related Topics