Currently, JWTs in Open Zaak are a) valid for 1 hour and b) have no leeway. 

This means:

a) Clients can generate a JWT, and use this token for 1 hour. After 1 hour, the token will no longer work and the client needs to generate a new one.

b) Because there is no leeway, if there is some time difference between the client and the server. A token that is valid on the client until 12:00:00 and the client is 5 behind the time the server, the token will no longer be valid at 11:59:55.

The question arose to increase the JWT default duration from 1 hour to 1 day and to increase the  default leeway to 5 seconds.

Input and thoughts are appreciated.

Best regards,

Joeri Bekker