Configuring expiration
In the Hydra config.yaml - located in your Hydra directory - you can set times for how long a login/consent flow may take, expiration times for access tokens, refresh tokens, id tokens and auth codes.
Login and consent request expiration
Key ttl.login_consent_request
configures how long a user login and consent flow may take.
path/to/hydra/config.yaml
#....
## login_consent_request ##
#
# Configures how long a user login and consent flow may take.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_LOGIN_CONSENT_REQUEST=<value>
# - Windows Command Line (CMD):
# > set TTL_LOGIN_CONSENT_REQUEST=<value>
#
login_consent_request: 1h
#....
Access Token expiration
Key ttl.access_token
configures how long access tokens are valid.
path/to/hydra/config.yaml
#....
## access_token ##
#
# Configures how long access tokens are valid.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_ACCESS_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_ACCESS_TOKEN=<value>
#
access_token: 1h
#....
Refresh Token expiration
Key ttl.refresh_token
configures how long refresh tokens are valid. Set to -1 for refresh tokens to never expire.
path/to/hydra/config.yaml
#....
## refresh_token ##
#
# Configures how long refresh tokens are valid. Set to -1 for refresh tokens to never expire.
#
# Default value: 720h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_REFRESH_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_REFRESH_TOKEN=<value>
#
refresh_token: "-1"
#....
ID Token Expiration
Key ttl.id_token
configures how long id tokens are valid.
path/to/hydra/config.yaml
#....
## id_token ##
#
# Configures how long id tokens are valid.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_ID_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_ID_TOKEN=<value>
#
id_token: 1h
#....
Auth Code expiration
Key ttl.auth_code
configures how long auth codes are valid.
path/to/hydra/config.yaml
#....
## auth_code ##
#
# Configures how long auth codes are valid.
#
# Default value: 10m
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_AUTH_CODE=<value>
# - Windows Command Line (CMD):
# > set TTL_AUTH_CODE=<value>
#
auth_code: 1h
#....