How can set no expiration for Auth?

default discord avatar
Japineda16
2 months ago
6

Hi, I read the official doc, and I saw that I can setting up a

tokenExpiration

field, but I need that the system never expires.

  • discord user avatar
    jarrod_not_jared
    Payload Team
    2 months ago

    Would an api-key work better for you? Cookies have a hard limit of 400 days mandated by the browser. You could enable api-keys on your user collection and then use an api-key authenticate with infinitely. Here’s some more info about them:

    https://payloadcms.com/docs/authentication/config#api-keys
  • default discord avatar
    Japineda16
    2 months ago

    There's not exist someway to use jwt?

  • discord user avatar
    jarrod_not_jared
    Payload Team
    2 months ago

    You can also use JWT yeah!



    Authorization: JWT your-token-here

  • default discord avatar
    Japineda16
    2 months ago

    Yes but using JWT passing by Authorization, keeps expiring



    There's exist some way to avoid JWT expiration?

  • default discord avatar
    paulpopus
    2 months ago

    Not really, the intention of JWTs and this kind of "temporary token authorisation" is the fact that they expire, what you're really looking for is the API key linked above, that is also going to have the behaviour you want of not expiring.


    Any other solution to get JWTs to behave like an API key would just be hacky and not recommended

  • discord user avatar
    seanzubrickas
    Payload Team
    last month

    Hey @Japineda16 do you have any follow up questions here? If not I'll close this one out. Thanks!

Open the post
Continue the discussion in Discord
Like what we're doing?
Star us on GitHub!

Star

Connect with the Payload Community on Discord

Discord

online

Can't find what you're looking for?

Get help straight from the Payload team with an Enterprise License.