Page MenuHomeSoftware Heritage

Improve handling of expired authentication tokens
Closed, ResolvedPublic

Description

Authentication tokens for the Web API expire after 30 days of inactivity so:

  • Documentation about that fact should be added.
  • Error message returned by the Web API should be more explicit, something like Offline token expired after 30 days of inactivity; please create a new one..
  • Expired tokens stored encrypted in swh-web database should be removed when a user browses the tokens Web UI.