Google Git
Sign in
apache / usergrid / 28cad0117254552c786717a52fe4921aef6e6ad1 / . / content / docs / security-and-auth / changing-token-time-live-ttl.html
blob: f9f9cad953e1d0bf8442bb27ee317ff661d0c3c6 [file] [log] [blame]
<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Changing token expiration (time-to-live) &mdash; Apache Usergrid 2.x documentation</title>
<link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
<link rel="top" title="Apache Usergrid 2.x documentation" href="../index.html"/>
<link rel="next" title="Authenticating API requests" href="authenticating-api-requests.html"/>
<link rel="prev" title="Authentication levels" href="user-authentication-types.html"/>
<script src="../_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav" role="document">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-nav-search">
<a href="../index.html" class="icon icon-home"> Apache Usergrid
</a>
<div class="version">
2.x
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<p class="caption"><span class="caption-text">Getting Started</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../introduction/overview.html">Getting Started</a></li>
<li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li>
<li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li>
<li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li>
</ul>
<p class="caption"><span class="caption-text">Using Usergrid</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../using-usergrid/creating-account.html">Creating a Usergrid Account</a></li>
<li class="toctree-l1"><a class="reference internal" href="../using-usergrid/creating-a-new-application.html">Creating a new application</a></li>
<li class="toctree-l1"><a class="reference internal" href="../using-usergrid/using-a-sandbox-app.html">Using a Sandbox Application</a></li>
<li class="toctree-l1"><a class="reference internal" href="../using-usergrid/using-the-api.html">Using the API</a></li>
</ul>
<p class="caption"><span class="caption-text">Data Storage</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../data-storage/data-store-dbms.html">The Usergrid Data Store</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-storage/optimizing-access.html">Data Store Best Practices</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-storage/collections.html">Collections</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-storage/entities.html">Entities</a></li>
</ul>
<p class="caption"><span class="caption-text">Data Queries</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../data-queries/querying-your-data.html">Querying your data</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-queries/query-parameters.html">Query parameters &amp; clauses</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-queries/operators-and-types.html">Query operators &amp; data types</a></li>
<li class="toctree-l1"><a class="reference internal" href="../data-queries/advanced-query-usage.html">Advanced query usage</a></li>
</ul>
<p class="caption"><span class="caption-text">Entity Connections</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../entity-connections/connecting-entities.html">Connecting entities</a></li>
<li class="toctree-l1"><a class="reference internal" href="../entity-connections/retrieving-entities.html">Retrieving connections</a></li>
<li class="toctree-l1"><a class="reference internal" href="../entity-connections/disconnecting-entities.html">Disconnecting entities</a></li>
</ul>
<p class="caption"><span class="caption-text">Push Notifications</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/overview.html">Push notifications overview</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/adding-push-support.html">Adding push notifications support</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/getting-started.html">Getting started with push notifications</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/tutorial.html">Tutorial: Push notifications sample app</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/registering.html">Registering with a notification service</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/creating-notifiers.html">Creating notifiers</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/managing-users-and-devices.html">Managing users and devices</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/creating-and-managing-notifications.html">Creating and managing notifications</a></li>
<li class="toctree-l1"><a class="reference internal" href="../push-notifications/troubleshooting.html">Troubleshooting</a></li>
</ul>
<p class="caption"><span class="caption-text">Security &amp; Authentication</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="app-security.html">Security &amp; token authentication</a></li>
<li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li>
<li class="toctree-l1"><a class="reference internal" href="using-roles.html">Using roles</a></li>
<li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users &amp; app clients</a></li>
<li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="">Changing token expiration (time-to-live)</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#default-ttl">Default ttl</a></li>
<li class="toctree-l2"><a class="reference internal" href="#changing-the-default-ttl">Changing the default ttl</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#request-syntax">Request syntax</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-request">Example Request</a></li>
<li class="toctree-l3"><a class="reference internal" href="#example-response">Example response</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#changing-ttl-when-a-token-is-created">Changing ttl when a token is created</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="authenticating-api-requests.html">Authenticating API requests</a></li>
<li class="toctree-l1"><a class="reference internal" href="revoking-tokens-logout.html">Revoking tokens (logout)</a></li>
<li class="toctree-l1"><a class="reference internal" href="facebook-sign.html">Facebook sign in</a></li>
<li class="toctree-l1"><a class="reference internal" href="securing-your-app.html">Security best practices</a></li>
</ul>
<p class="caption"><span class="caption-text">User Management &amp; Social Graph</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../user-management/user-management.html">User management &amp; social graph</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/working-user-data.html">Working with User Data</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/group.html">Working with group data</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/activity.html">Activity</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html">Social Graph Connections</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html#creating-other-connections">Creating other connections</a></li>
<li class="toctree-l1"><a class="reference internal" href="../user-management/messagee-example.html">App Example - Messagee</a></li>
</ul>
<p class="caption"><span class="caption-text">Geo-location</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../geolocation/geolocation.html">Geolocating your Entities</a></li>
</ul>
<p class="caption"><span class="caption-text">Assets &amp; Files</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/uploading-assets.html">Uploading assets</a></li>
<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/retrieving-assets.html">Retrieving assets</a></li>
<li class="toctree-l1"><a class="reference internal" href="../assets-and-files/folders.html">Folders</a></li>
</ul>
<p class="caption"><span class="caption-text">Counters &amp; Events</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/events-and-counters.html">Counters &amp; events</a></li>
<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html">Creating &amp; incrementing counters</a></li>
<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#decrementing-resetting-counters">Decrementing/resetting counters</a></li>
<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#using-counters-hierarchically">Using counters hierarchically</a></li>
<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/retrieving-counters.html">Retrieving counters</a></li>
</ul>
<p class="caption"><span class="caption-text">Organizations &amp; Applications</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization &amp; application management</a></li>
<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li>
<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li>
<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/admin-user.html">Admin user</a></li>
</ul>
<p class="caption"><span class="caption-text">API Reference</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html">Methods</a></li>
<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html#models">Models</a></li>
<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html#sub-types">Sub-Types</a></li>
</ul>
<p class="caption"><span class="caption-text">Client SDKs</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../sdks/tbd.html">COMING SOON...</a></li>
</ul>
<p class="caption"><span class="caption-text">Installing Usergrid</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../installation/deployment-guide.html">Usergrid 2.1.0 Deployment Guide</a></li>
</ul>
<p class="caption"><span class="caption-text">More about Usergrid</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../reference/presos-and-videos.html">Presentations &amp; Videos</a></li>
<li class="toctree-l1"><a class="reference internal" href="../reference/contribute-code.html">How to Contribute Code &amp; Docs</a></li>
</ul>
</div>
&nbsp;
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Apache Usergrid</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html">Docs</a> &raquo;</li>
<li>Changing token expiration (time-to-live)</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/security-and-auth/changing-token-time-live-ttl.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<div class="section" id="changing-token-expiration-time-to-live">
<h1>Changing token expiration (time-to-live)<a class="headerlink" href="#changing-token-expiration-time-to-live" title="Permalink to this headline"></a></h1>
<p>An access token has a “time-to-live” (ttl), which is the maximum time
that the access token will be valid for use within the application. With
the Usergrid, you can change the default ttl for all application user
tokens, set the ttl for an individual token at the time of creation, or
revoke one or more tokens. This gives you a high degree of control over
access to your Usergrid account and data store.</p>
<div class="section" id="default-ttl">
<h2>Default ttl<a class="headerlink" href="#default-ttl" title="Permalink to this headline"></a></h2>
<p>By default, all tokens have a system-defined time-to-live of 7 days
(604800 seconds). Note that Token ttl is specified in milliseconds, but
when a token is created, the API response will return the ttl in
seconds.</p>
</div>
<div class="section" id="changing-the-default-ttl">
<h2>Changing the default ttl<a class="headerlink" href="#changing-the-default-ttl" title="Permalink to this headline"></a></h2>
<p>You can change the default ttl for all application user tokens (that is,
tokens associated with a user entity) by updating the application
entity’s accesstokenttl property. Changing the default ttl will only
affect new tokens. Any existing tokens will not be affected.</p>
<p>Please note that this does not apply to application client, organization
client or admin user tokens. For more on obtaining tokens for these
other authorization levels, see <a class="reference external" href="authenticating-users-and-application-clients.html">Authenticating users and application
clients</a>.</p>
<p><strong>Note</strong>: If you set ttl=0, the token will never expire. This can pose a
security risk and should be used with caution.</p>
<div class="section" id="request-syntax">
<h3>Request syntax<a class="headerlink" href="#request-syntax" title="Permalink to this headline"></a></h3>
<div class="highlight-python"><div class="highlight"><pre>curl -X PUT https://api.usergrid.com/&lt;org_name&gt;/&lt;app_name&gt; -d &#39;{&quot;accesstokenttl&quot;:&lt;ttl_in_milliseconds&gt;}&#39;
</pre></div>
</div>
</div>
<div class="section" id="example-request">
<h3>Example Request<a class="headerlink" href="#example-request" title="Permalink to this headline"></a></h3>
<div class="highlight-python"><div class="highlight"><pre>curl -X PUT https://api.usergrid.com/your-org/your-app -d &#39;{&quot;accesstokenttl&quot;:&quot;1800000&quot;}&#39;
</pre></div>
</div>
</div>
<div class="section" id="example-response">
<h3>Example response<a class="headerlink" href="#example-response" title="Permalink to this headline"></a></h3>
<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
<span class="s">&quot;action&quot;</span> <span class="p">:</span> <span class="s">&quot;put&quot;</span><span class="p">,</span>
<span class="s">&quot;application&quot;</span> <span class="p">:</span> <span class="s">&quot;d878de4r-99a7-11e3-b31d-5373d7165c2d&quot;</span><span class="p">,</span>
<span class="s">&quot;params&quot;</span> <span class="p">:</span> <span class="p">{</span>
<span class="s">&quot;access_token&quot;</span> <span class="p">:</span> <span class="p">[</span> <span class="s">&quot;DFR4d5M1mJmoEeOGVPncm-g9qgAAAURv_lfQ7uu6aYHjJJn7QCrGoVnvU-ob5Ko&quot;</span> <span class="p">]</span>
<span class="p">},</span>
<span class="s">&quot;uri&quot;</span> <span class="p">:</span> <span class="s">&quot;https://api.usergrid.com/amuramoto/secured&quot;</span><span class="p">,</span>
<span class="s">&quot;entities&quot;</span> <span class="p">:</span> <span class="p">[</span> <span class="p">{</span>
<span class="s">&quot;uuid&quot;</span> <span class="p">:</span> <span class="s">&quot;d878de4r-99a7-11e3-b31d-5373d7165c2d&quot;</span><span class="p">,</span>
<span class="s">&quot;type&quot;</span> <span class="p">:</span> <span class="s">&quot;application&quot;</span><span class="p">,</span>
<span class="s">&quot;name&quot;</span> <span class="p">:</span> <span class="s">&quot;your-org/your-app&quot;</span><span class="p">,</span>
<span class="s">&quot;created&quot;</span> <span class="p">:</span> <span class="mi">1392843003032</span><span class="p">,</span>
<span class="s">&quot;modified&quot;</span> <span class="p">:</span> <span class="mi">1392843615777</span><span class="p">,</span>
<span class="s">&quot;accesstokenttl&quot;</span> <span class="p">:</span> <span class="mi">1800000</span><span class="p">,</span>
<span class="s">&quot;organizationName&quot;</span> <span class="p">:</span> <span class="s">&quot;your-org&quot;</span><span class="p">,</span>
<span class="s">&quot;applicationName&quot;</span> <span class="p">:</span> <span class="s">&quot;your-app&quot;</span><span class="p">,</span>
<span class="s">&quot;apigeeMobileConfig&quot;</span> <span class="p">:</span> <span class="s">&quot;{...}&quot;</span><span class="p">,</span>
<span class="s">&quot;metadata&quot;</span> <span class="p">:</span> <span class="p">{</span>
<span class="s">&quot;collections&quot;</span> <span class="p">:</span> <span class="p">[</span> <span class="s">&quot;activities&quot;</span><span class="p">,</span> <span class="s">&quot;assets&quot;</span><span class="p">,</span> <span class="s">&quot;devices&quot;</span><span class="p">,</span> <span class="s">&quot;events&quot;</span><span class="p">,</span> <span class="s">&quot;folders&quot;</span><span class="p">,</span> <span class="s">&quot;groups&quot;</span><span class="p">,</span> <span class="s">&quot;roles&quot;</span><span class="p">,</span> <span class="s">&quot;users&quot;</span> <span class="p">]</span>
<span class="p">}</span>
<span class="p">}</span> <span class="p">],</span>
<span class="s">&quot;timestamp&quot;</span> <span class="p">:</span> <span class="mi">1392843615767</span><span class="p">,</span>
<span class="s">&quot;duration&quot;</span> <span class="p">:</span> <span class="mi">28</span><span class="p">,</span>
<span class="s">&quot;organization&quot;</span> <span class="p">:</span> <span class="s">&quot;your-org&quot;</span><span class="p">,</span>
<span class="s">&quot;applicationName&quot;</span> <span class="p">:</span> <span class="s">&quot;your-app&quot;</span>
<span class="p">}</span>
</pre></div>
</div>
</div>
</div>
<div class="section" id="changing-ttl-when-a-token-is-created">
<h2>Changing ttl when a token is created<a class="headerlink" href="#changing-ttl-when-a-token-is-created" title="Permalink to this headline"></a></h2>
<p>When you request an access token, you can override its ttl by including
a ttl property in the body of the request when the token is created.
This applies to tokens for all authentication levels, including
application user, admin user, organization client, and application
client authentication levels.</p>
<p>The ttl must be equal to or less than the value of the application
entity&#8217;s accesstokenttl property. If you specify a ttl value greater
than the value of accesstokenttl, an error message is returned that
indicates the maximum time to live value that can be specified.</p>
<p>For example, the following would create an application user token with a
ttl of 180000000 milliseconds:</p>
<div class="highlight-python"><div class="highlight"><pre>curl -X POST https://api.usergrid.com/your-org/your-app/token -d &#39;{&quot;username&quot;:&quot;someUser&quot;, &quot;password&quot;:&quot;somePassword&quot;, &quot;grant_type&quot;:&quot;password&quot;, &quot;ttl&quot;:&quot;180000000&quot;}&#39;
</pre></div>
</div>
<p><strong>Note</strong>: If you set ttl=0, the token will never expire. This can pose a
security risk and should be used with caution.</p>
</div>
</div>
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="authenticating-api-requests.html" class="btn btn-neutral float-right" title="Authenticating API requests" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="user-authentication-types.html" class="btn btn-neutral" title="Authentication levels" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
&copy; Copyright 2013-2015, Apache Usergrid.
</p>
</div>
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT:'../',
VERSION:'2.x',
COLLAPSE_INDEX:false,
FILE_SUFFIX:'.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="../_static/jquery.js"></script>
<script type="text/javascript" src="../_static/underscore.js"></script>
<script type="text/javascript" src="../_static/doctools.js"></script>
<script type="text/javascript" src="../_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.StickyNav.enable();
});
</script>
</body>
</html>