Options
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 500 views
  • Users 0 members are here
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Authentication Token Validity Duration

abagrecha

Hi, 

For how much time the Authentication Token is valid which is generated  using /server/authenticationtokens api call?

  • 0

    This is documented on this page: Authenticating to the M-Files Web Service (REST API)

    Specifically:

    If no expiry information is provided then the authentication token returned will have an indeterminate expiry. Note that you should write code to handle a 403 returned by the token having expired, as many situations may cause the token to become unusable. Without an expiration datetime, the only way to forcibly expire an authentication token is to change the user’s login credentials and restart M-Files Web Access.

    Exactly when the token becomes invalid is outside of your control or configuration.  It could happen when user credentials change.  It could happen when a server is restarted.  In MSM environments it could happen when requests are routed to a different server.

    It is strongly recommended that you read through the approaches around both providing a token expiration and also around logging out sessions when you are done with them.





              

© M-Files Corporation 2024 | Privacy Policy