
Why do cloud vault non-expiration authentication tokens fail after long time?

A colleague had an experience with cloud vault authentication tokens that fail after a long time, although NO expiration datetime was submitted when logging on. He proceeded to re-authenticate a REST request in his code whenever a 403 is encountered, with the same credentials that were used to authenticate the first time.

Expiring Cloud vault authentication tokens are not a good thing for long running operations.

My question: How do cloud vault authentication tokens expire, although acquired without expiration? What happened to cause the token to be invalidated? Things I could think of:
- something changed in the M-Files user account and caused the token to invalidate?
- vault session reset?
- vault server restart?
  • Hi Victor,

    Tokens with the REST API are not identical to tokens in other systems, where the token is a pre-generated static token that is designed for use by one integration. Whilst M-Files tokens with no explicit expiry are typically re-usable, you should in particular note the comment on the Developer Portal (developer.m-files.com/.../


    Note that you should not expect tokens without an expiry to last forever; many situations may cause the token to become unusable.


    In the case of a cloud instance it is possible that the server was upgraded or had some other maintenance applied to it that caused the token to expire. It is good practice to design any integration around the premise that the token may expire (and a 403 returned) and need to be re-requested. If you cannot do that for some reason then you may want to look at providing authentication details inside the HTTP request itself (X-Username, etc.) which avoids the need for a token.

    Regards,

    Craig.
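
The design recommended in the reply above (expect a 403, re-request the token, retry), as an added example that is not part of the original thread or of M-Files' own code. The token endpoint path, the `X-Authentication` header and the `Value` response field are assumed from the M-Files Web Service documentation; the `Send` transport hook and `FakeVault` are hypothetical and constructed so the block runs offline.

```python
from typing import Callable, Dict, Optional, Tuple

# Assumed from the M-Files Web Service docs, not from this thread.
TOKEN_PATH = "/REST/server/authenticationtokens"
AUTH_HEADER = "X-Authentication"
Send = Callable[[str, str, Dict[str, str], dict], Tuple[int, dict]]  # hypothetical transport hook

class TokenClient:
    """Requests a token lazily and re-requests it once when a call returns 403."""
    def __init__(self, send: Send, credentials: dict, max_reauth: int = 1):
        self._send, self._credentials, self._max_reauth = send, credentials, max_reauth
        self._token: Optional[str] = None
        self.logins = 0  # number of token requests made so far

    def _login(self) -> None:
        status, body = self._send("POST", TOKEN_PATH, {}, self._credentials)
        if status != 200:
            raise PermissionError(f"login rejected with HTTP {status}")
        self._token, self.logins = body["Value"], self.logins + 1

    def request(self, method: str, path: str, body: Optional[dict] = None) -> dict:
        if self._token is None:
            self._login()
        for attempt in range(self._max_reauth + 1):
            status, data = self._send(method, path, {AUTH_HEADER: self._token}, body or {})
            if status != 403:
                return data  # other error statuses are left to the caller
            if attempt < self._max_reauth:
                self._login()  # token unusable (e.g. server maintenance): get a new one
        # A fresh token was refused too: a real permission denial, so stop retrying.
        raise PermissionError(f"{method} {path} still 403 after re-authentication")

class FakeVault:
    """Constructed stand-in for the server so the example runs offline."""
    def __init__(self, forbidden_paths=()):
        self.valid, self.issued, self.forbidden = set(), 0, set(forbidden_paths)

    def maintenance(self) -> None:
        self.valid.clear()  # every outstanding token stops working

    def send(self, method, path, headers, body):
        if path == TOKEN_PATH:
            self.issued += 1
            token = f"constructed-token-{self.issued}"
            self.valid.add(token)
            return 200, {"Value": token}
        if headers.get(AUTH_HEADER) not in self.valid or path in self.forbidden:
            return 403, {}
        return 200, {"path": path}
```

Capping re-authentication at one attempt keeps a genuine permission denial from turning into a loop of login requests with the stored credentials.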