ad-85
commented
1 month ago Closed ad-85 closed 1 month ago
ad-85
commented
1 month ago 
adamdriscoll
commented
1 month ago This issue has been mentioned on Ironman Software Forums. There might be relevant details there:
https://forums.ironmansoftware.com/t/maximum-lifespan-to-allow-in-apptoken-grant-endpoint/10920/2
Summary of the new feature / enhancement
I'd like to be able to allow users to grant their own app tokens (currently I supply them manually) but I do not want them to be able to exceed a certain lifetime for security reasons. There does not currently appear to be a method available to do this.
Proposed technical implementation details (optional)
Addition of a setting, either in appsettings.json or settings.ps1 to restrict the maximum value of the
lifespanDaysparameter in the AppToken grant endpoints -/api/v1/apptoken/grantand/api/v1/apptoken/grant/{id}.