This message was deleted Rancher Users #general

Join Slack

This message was deleted.

# general

adamant-kite-43734

02/19/2025, 2:24 PM

This message was deleted.

hundreds-evening-84071

02/19/2025, 2:45 PM

In global settings you can change

auth-token-max-ttl-minutes

to whatever you want... Then any new token will have that age limit https://ranchermanager.docs.rancher.com/api/api-tokens#auth-token-max-ttl-minutes

mammoth-postman-10874

02/19/2025, 4:00 PM

@limited-engine-76466 I believe this is what you're looking for https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication

limited-engine-76466

02/19/2025, 6:46 PM

Thank you!

limited-engine-76466

02/19/2025, 6:47 PM

I was starting to set up ingress and nginx to proxy to kube-api. I failed when nginx failed to load haproxy.cfg and that's when I realized I was way off track.

faint-table-99785

04/10/2025, 10:09 PM

is this code documentation up-to-date and accurate ? I tried setting token to <0 and it instantly expires. What am i doing wrong.

✅ 1

faint-table-99785

04/10/2025, 10:10 PM

perhaps i have been reading it wrong. is it stating that

auth-token-max-ttl-minutes

value should be

<0

to enable non-expiring tokens ? (edit: it indeed is)

creamy-pencil-82913

04/10/2025, 10:30 PM

https://github.com/rancher/rancher/blob/main/pkg/apis/ext.cattle.io/v1/types.go#L66-L69

``` // This default is provided by the
auth-token-max-ttl-minutes
setting.

// Note that this default is also the maximum specifiable TTL.

// A value <= 0 there enables non-expiring tokens.```

👍 1

🙏 1

faint-table-99785

04/10/2025, 10:43 PM

yup. just confirmed testing on local rancher instance.

5 Views

Open in Slack

Previous Next