JWT令牌接受的最大到期时间是多少 [英] What is the max expiration time accepted by JWT tokens

问题描述

我想知道JWT令牌过期的最大值.

I want to know what is the max value I can set of the JWT token expiration.

谢谢！

推荐答案

没有到期时间规则.这主要取决于使用令牌的上下文.

There is no rule about the expiration time. It mainly depends on the context where the token is used.

RFC7519第4部分:

JWT必须包含的一组声明才被视为有效的声明依赖于上下文，并且不在本规范的范围之内.

The set of claims that a JWT must contain to be considered valid is context dependent and is outside the scope of this specification.

因此，您可以考虑对于关键过程，可能需要很短的使用寿命(仅几秒钟或几分钟).对于琐碎的情况，可以接受一个月的生命周期，一年甚至一个没有到期时间的令牌.

Thus you can consider that for critical processes, a short lifetime may be needed (only few seconds or minutes). For trivial contexts, one month lifetime, one year or even a token without expiration time could be acceptable.

这篇关于JWT令牌接受的最大到期时间是多少的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！