https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> the jwt is issued with `expires_in`...
# ory-copilot
m
@chilly-king-10285 the jwt is issued with 
expires_in
parameter, what is unit and is it possible to issue with 
expires_at
instead?
c
A message from kapa.ai
The 
expires_in
parameter is not explicitly mentioned in the provided knowledge sources. However, in the context of JWTs and OAuth2, 
expires_in
typically represents the lifetime of an access token in seconds. As for the 
expires_at
parameter, it is used in Ory's session management. It defines the time when the session expires, and this value depends on the session lifespan configuration. However, it's not mentioned in the context of issuing JWTs. In the context of JWTs, there is an 
exp
(expiration time) claim that restricts the time window during which the JWT can be used. This can be controlled through the 
/oauth2/grant/jwt/max_ttl
setting in Ory. The 
exp
claim is a standard claim in JWTs and represents the expiration time on or after which the JWT must not be accepted for processing. Its value is a JSON number representing the number of seconds from 1970-01-01T000Z as measured in UTC until the date/time. If you want to set the expiration time of a JWT, you would typically use the 
exp
claim. If you want to use a different claim like 
expires_at
, you would need to implement custom logic in your application to handle that claim. Sources: - [JWT assertion validation requirements](https://www.ory.sh/docs/hydra/guides/jwt#jwt-assertion-validation-requirements) - [Ory session](https://www.ory.sh/docs/kratos/session-management/overview#ory-session) - [
id_token
claims](https://www.ory.sh/docs/oathkeeper/pipeline/mutator#id_token)
2 Views
Open in Slack
PreviousNext
Powered by