We use proprietary and third party´s cookies to improve your experience and our services, identifying your Internet Browsing preferences on our website; develop analytic activities and display advertising based on your preferences. If you keep browsing, you accept its use. You can get more information on our Cookie Policy
Cookies Policy
Ask Your Question

Keyrock Token duration

asked 2016-12-07 13:06:59 +0200

emendes gravatar image

updated 2016-12-07 13:22:18 +0200


How do I configure the token duration in my instance of Keyrock? I am trying without success to set "expiration" in the section [token] of the keystone.conf .

Best regards,

Eduardo Mendes

edit retag flag offensive close merge delete

2 answers

Sort by » oldest newest most voted

answered 2016-12-13 10:28:21 +0200

aalonsog gravatar image

Hi, Keystone tokens expiration time is configured in https://github.com/ging/keystone/blob...

Regarding OAuth2 tokens, right now the expiration time is not configurable. We have plans of adding this possibility soon.

edit flag offensive delete link more


Thank you. Is exactly OAuth2 tokens that I need, because of the proxy Wilma.

emendes gravatar imageemendes ( 2016-12-13 15:41:56 +0200 )edit

answered 2016-12-14 01:18:22 +0200

emendes gravatar image

I implemented a simple solution to work with OAuth2, using the same configuration of [token] expiration:

In the file "keystone/contrib/oauth2/core.py"

1) import CONF: from keystone import config CONF = config.CONF

2) add this line in "def init" of "class Server", just after the comments: tokenexpiresin=CONF.token.expiration

That is it. Now it is possible to change the token duration in seconds uncommenting "expiration" inside [token] of keystone.conf

edit flag offensive delete link more


As OAuth2 and Keystone tokens are different, they should also have different expiration time parameters in the configuration. Please, could you implement it that way and contribute the code to the project?

aalonsog gravatar imageaalonsog ( 2016-12-14 11:41:56 +0200 )edit

Maybe creating a new session [oauth2] inside keystone.conf ?

emendes gravatar imageemendes ( 2016-12-14 12:51:51 +0200 )edit

Done. Please give me access to ging/keystone too, in the github.

emendes gravatar imageemendes ( 2016-12-14 13:26:48 +0200 )edit
Login/Signup to Answer

Question Tools

1 follower


Asked: 2016-12-07 13:06:59 +0200

Seen: 4,985 times

Last updated: Dec 14 '16