All,
Currently, JWTs in Open Zaak are a) valid for 1 hour and b) have no leeway.
This means:
a) Clients can generate a JWT, and use this token for 1 hour. After 1 hour, the token will no longer work and the client needs to generate a new one.
b) Because there is no leeway, if there is some time difference between the client and the server. A token that is valid on the client until 12:00:00 and the client is 5 behind the time the server, the token will no longer be valid at 11:59:55.
The question arose to increase the JWT default duration from 1 hour to 1 day and to increase the default leeway to 5 seconds.
Input and thoughts are appreciated.
Best regards,
Joeri Bekker
--
Maykin
Keizersgracht 117, 1015 CJ Amsterdam
tel.: +31 (0)20 753 05 23