From unav-data at postal.unavco.org Wed Jan 18 21:18:32 2023 From: unav-data at postal.unavco.org ([Announce] from the UNAVCO Data Archive) Date: Wed, 18 Jan 2023 14:18:32 -0700 Subject: data-idm.unavco.org users Message-ID: The Identity Management (IdM) team increased the refresh token timeout/lifetime to 1 year for our Command Line Interface (CLI) that is used to facilitate authentication with our pre-release data-idm file server. We made this immediate and interim change because our Refresh tokens were not updating as intended and were expiring after 30 days regardless of being refreshed. Please note, we are in the midst of re-designing our CLI and IdM system refresh token setup and considering turning off Refresh token rotation/expiration for our CLI in a forthcoming release of our CLI. This would effectively allow Refresh tokens to be refreshed indefinitely. We believe that this more permissive policy is adequate from a security standpoint, as these tokens are being used to access openly available data and are simply to help account for who is accessing data. We will keep the community updated as we finalize new plans and release new features. Thanks for working with us on this new way of accessing our data file server. Regards, Doug Ertz and the Identity Management team -------------- next part -------------- An HTML attachment was scrubbed... URL: