This topic describes
PowerProtect Data Manager REST API tokens and the default token expiry intervals. These steps also change the behavior of the REST API token expiry mechanism.
About this task
The REST API uses two separate types of tokens: access and refresh. Access tokens are bearer tokens that authenticate REST API calls. Refresh tokens provide enough information to get a new access token after the access token expires.
Using refresh tokens enables you to set shorter lifespans on access tokens without causing frequent credential requests. Shorter access token lifespans reduce the risk of compromised token values. The
OAuth Authorization Framework provides more information about token types.
The default time unit is
MINUTES. Available time units include:
DAYS,
HOURS,
MINUTES,
MONTHS,
SECONDS, and
WEEKS.
The default access token expiry time is
480. The default refresh token expiry time is
1440.
Steps
Connect to the
PowerProtect Data Manager console as an admin user.
Using a Linux text editor, open
/usr/local/brs/lib/aaa/config/application-server-custom.properties.
Modify the following properties:
Property
Description
aaa.jwt.token.chrono-unit
The unit for the expiration time properties.
aaa.jwt.token.access-expiration-time
The amount of time after which access tokens expire.
aaa.jwt.token.refresh-expiration-time
The amount of time after which refresh tokens expire.
Save and close the file.
Apply the new configuration:
aaa restart
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\