JWT 令牌接受的最长过期时间是多少 [英] What is the max expiration time accepted by JWT tokens
问题描述
我想知道我可以设置的 JWT 令牌过期的最大值是多少.
I want to know what is the max value I can set of the JWT token expiration.
谢谢!
推荐答案
过期时间没有规定.主要取决于使用token的上下文.
There is no rule about the expiration time. It mainly depends on the context where the token is used.
JWT 必须包含才能被视为有效的声明集取决于上下文,并且超出了本规范的范围.
The set of claims that a JWT must contain to be considered valid is context dependent and is outside the scope of this specification.
因此,您可以考虑,对于关键进程,可能需要较短的生命周期(仅几秒或几分钟).对于琐碎的上下文,一个月的生命周期,一年甚至一个没有过期时间的令牌都是可以接受的.
Thus you can consider that for critical processes, a short lifetime may be needed (only few seconds or minutes). For trivial contexts, one month lifetime, one year or even a token without expiration time could be acceptable.
这篇关于JWT 令牌接受的最长过期时间是多少的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!