为什么刷新令牌在14天后过期 [英] Why do refresh tokens expire after 14 days

问题描述

每个刷新令牌的有效期为14天。刷新令牌为何会过期？

Each refresh token is valid for 14 days. Why do the refresh tokens expire?

推荐答案

14天基于实现OAuth2的最佳实践。请参阅为什么访问令牌会过期？有关OAuth2刷新原因的相当全面的答案令牌到期。

14 days was based on what is considered best practice in implementing OAuth2. See Why do access tokens expire? for a pretty comprehensive answer about why OAuth2 refresh tokens expire.

我们有兴趣了解大于14的数字将对您的应用程序有用。我们根据最初的反馈，应用程序开发人员的调查以及用户的应用程序登录时间选择了14天。绝大多数用户使用应用程序登录的频率高于每14天一次。

We are interested in hearing what number bigger than 14 would work for your application. We picked 14 days based on initial feedback, surveys from application developers, as well as looking at application logins by users. A high majority of users login with apps more often than every 14 days.

您能解释一下用例吗？理想的非无限刷新间隔可以使您在安全性和便利性之间保持平衡，

Can you explain your use case? What would be the ideal non-infinite refresh-interval that would give you a balance between peace-of-mind about security, and convenience

这篇关于为什么刷新令牌在14天后过期的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！