search

dadi / api

A high-performance RESTful API layer designed in support of API-first development and COPE. Connects your content to the world
https://dadi.cloud/en/api/
Other
180 stars 29 forks source link

Configurable TTL per client #446

Open danwdart opened 6 years ago

danwdart commented 6 years ago

All TTLs given by /token seem to be set to 1800 (half an hour). Allow this to be configurable per client (ID and secret).

See: https://github.com/dadi/publish/issues/396#issuecomment-400601732

eduardoboucas commented 6 years ago

This is configurable via the auth.ttl config property, but affects all clients. We can look at allowing the TTL value to be overridden at the client level when it is created via the new /api/clients endpoint.

Will add to the backlog. 📚

danwdart commented 6 years ago

Awesome stuff - I think the use case for this if I remember correctly was that some clients were to be used from the API for a longer period as if there were a refresh token and some from Publish with session timeouts.