TTL for tokens

Oct 25, 2010 at 8:01 PM


On the dev server, what is the length of time for which auth tokens are valid?

Many thanks,


Oct 26, 2010 at 9:08 AM

24 hours.

Oct 26, 2010 at 1:53 PM


Thanks for your quick response. In production, I imagine, there are more options, e.g. non-expiring token (till user explicitly take away permissions), is that correct?

Oct 26, 2010 at 8:43 PM

At look at the "Misc" page.  "Automatic" sign on is really a code word for application defined expiration.  The C# SDK will take the token and create a persistent cookie. 

As far as Java goes, send "persistwctoken=true" to Shell at log-in and HV will use the configured value from for the token expiration.  You can then persist the token in a cookie (or wherever) as part of a keep-me-signed-in feature.