Skip to main content

Configuring expiration

In the Hydra config.yaml - located in your Hydra directory - you can set times for how long a login/consent flow may take, expiration times for access tokens, refresh tokens, id tokens and auth codes.

Key ttl.login_consent_request configures how long a user login and consent flow may take.

path/to/hydra/config.yaml
#....
## login_consent_request ##
#
# Configures how long a user login and consent flow may take.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_LOGIN_CONSENT_REQUEST=<value>
# - Windows Command Line (CMD):
# > set TTL_LOGIN_CONSENT_REQUEST=<value>
#
login_consent_request: 1h
#....

Access Token expiration

Key ttl.access_token configures how long access tokens are valid.

path/to/hydra/config.yaml
#....
## access_token ##
#
# Configures how long access tokens are valid.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_ACCESS_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_ACCESS_TOKEN=<value>
#
access_token: 1h
#....

Refresh Token expiration

Key ttl.refresh_token configures how long refresh tokens are valid. Set to -1 for refresh tokens to never expire.

path/to/hydra/config.yaml
#....
## refresh_token ##
#
# Configures how long refresh tokens are valid. Set to -1 for refresh tokens to never expire.
#
# Default value: 720h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_REFRESH_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_REFRESH_TOKEN=<value>
#
refresh_token: "-1"
#....

ID Token Expiration

Key ttl.id_token configures how long id tokens are valid.

path/to/hydra/config.yaml
#....
## id_token ##
#
# Configures how long id tokens are valid.
#
# Default value: 1h
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_ID_TOKEN=<value>
# - Windows Command Line (CMD):
# > set TTL_ID_TOKEN=<value>
#
id_token: 1h
#....

Auth Code expiration

Key ttl.auth_code configures how long auth codes are valid.

path/to/hydra/config.yaml
#....
## auth_code ##
#
# Configures how long auth codes are valid.
#
# Default value: 10m
#
# Set this value using environment variables on
# - Linux/macOS:
# export TTL_AUTH_CODE=<value>
# - Windows Command Line (CMD):
# > set TTL_AUTH_CODE=<value>
#
auth_code: 1h
#....