00ue6u0hk3k0TObUi0h1.5217304914643809E12 (Customer) asked a question.
Recommended way to prevent an API Token from expiring
I understand that an API Token expires after 30 days.
I have feature which uses an API Token.
This feature has the potential of not being used in 30 days. If this occurs, the API Token will expirer and the feature which will not work until a new Token is created.
Given the above situation, what is the recommended solution to prevent the API Token from expiring?
Note: I have my own ideas but I would like to hear recommended way and / or solutions others have used.
Thanks for your help.
Hi Richard,
This is Daniel Corrales from Support Team.
That's right, the API token has a 30 days expiry time. This value can not be changed. However, if the token is used, the expiration timer is reset each time so the token will remain available. I've seen cases where another users use a script to automate the renewal at a certain interval if not been used within the 30 days.
Let me know if you have additional questions/doubts.
Hi Daniel,
Thanks for the response.
So, basically what you saying is you have seen another user schedule a task (or something) that would use the API Token. If it was scheduled to run every 29 days, then the Token would not expire.
It that about it in a nutshell?
Hi Richard,
That's right. Another users schedule tasks or have scheduled scripts to have the API token running periodically so it does not expire.
Let me know if you have additional questions/doubts.
Regards,
Ok, that was my solution as well. I was wondering if there was a better way.
Question: Above you said "I've seen cases where another users use a script to automate the renewal at a certain interval if not been used within the 30 days"
You comment suggests there is a way to know if the token was used in the last 30 days. Is that true?
I was just planning on have my task run unconditional every 29 days.
It there a way to find out when it was last used?
Or would you suggest it runs unconditional.
Please let me know.
Thanks!!!!
Hi Richard,
Correct!! there's a way to know that, you will be able to see the last time a token was used by going to Okta Admin dashboard > Security > API > Tokens tab. You will see a "last time used" column.
Ok good to know.
Not that it would buy me much but it that value available through the okta api? Preferable through the okta api sdk?
Hi Richard,
For this use case I suggest to open a support case (make sure it's assigned to a Dev Support engineer) to clarify all doubts regarding Okta API SKDs as this would be outside of my expertise.
Regards,
Fair enough. Thanks for your help.