Important
When creating a token, if the token expiry is set to a value smaller than the revocable-expiry-thresholdparameter specified in the Access YAML Configuration , the token will be non-revocable.By default, the value of therevocable-expiry-threshold parameter is set to 6 hours.
For example, if you set an expiry that is less than 6 hours, the token will not be revocable until it expires naturally.
You can limit the validity period of a token by setting the expiry time when generating a token. If set, the token will be valid until the expiration time will pass.
You can also set a token to be non-expirable by setting the expiry to zero, in which case it will be valid indefinitely until actively revoked.
This value is set by using the "expires_in=<VALUE_IN_SECONDS>" parameter when generating the token (see example in REST API section below). If not used the default value will be 3600 meaning your token will be valid for one hour.
Artifactory Administrator Only
Only an Artifactory administrator can change the validity period of a token to any value.
Non-admin users can only set the token validity period to a value that is equal or less than the maximum allowed value set by the admin.
From version 7.21.1, this can be specified by setting the
token.max-expiryparameter in the$JFROG_HOME/artifactory/var/etc/artifactory/access.config.latest.ymlfile (prior to version 7.21.1, the parameter to set wasartifactory.access.token.non.admin.max.expires.in).If the
token.max-expiryis equal to 0 (which is the default), there is no limitation to the token expiry. However, if the maximum expiry is greater than 0, the user cannot create a non-expirable token.The
token.max-expiryparameter must be set to a value higher than thetoken.default-expiryparameter value.