Search code examples
oauth-2.0oauthjwtaccess-tokenory-hydra

Increase expiration time of OAuth access token generated from Ory Hydra

I am following this tutorial to Validate JWT tokens using JWKS Article

But the access_token generated expires in 60 minutes.I need to increase this expiration time to 10years for Junit test cases. I tried generating token after changing configuration ( Documentation ) but the token generated still expires in 60minutes.

Steps to reproduce -

  1. git clone https://github.com/ory/hydra.git
  2. cd to hydra directory
    docker-compose -f quickstart.yml \
                   -f quickstart-jwt.yml \
                   up --build

    docker-compose -f quickstart.yml exec hydra \
                           hydra clients create \
                           --endpoint http://127.0.0.1:4445/ \
                           --id my-client \
                           --secret secret \
                           -g client_credentials

    curl -s -k -X POST \
       -H "Content-Type: application/x-www-form-urlencoded" \
       -d grant_type=client_credentials \
       -u 'my-client:secret' \
       http://localhost:4444/oauth2/token

In the last part we get the access_token. Response -

{  "access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InB1YmxpYzpmMGZiNWQ5MC0wZGEwLTQ5ZDMtYTgzYS1jYmE0YWIzOWNkNjcifQ.eyJhdWQiOltdLCJjbGllbnRfaWQiOiJteS1jbGllbnQiLCJleHAiOjE2NDM0MDA0MDUsImV4dCI6e30sImlhdCI6MTY0MzM5NjgwNSwiaXNzIjoiaHR0cDovLzEyNy4wLjAuMTo0NDQ0LyIsImp0aSI6IjIwODE3OGE2LWI2OTYtNDVhMy05Mjg5LWVjODA0ZTAzMzNkNSIsIm5iZiI6MTY0MzM5NjgwNSwic2NwIjpbXSwic3ViIjoibXktY2xpZW50In0.RwHKP5mdwBIKO5qnYExXEDKjn4P7G6QuQw4YcR3HYdtG5DYh87EEixPXekAcSjB7y1wqHoMJ4NDtIr6AVu66JU9RXOI0vZT66uXIGauRPQdAt-BAYy0J4oalBzX-TWIbXP-rojVFuiKsroS7ugGm1dC-kHuo0Sqv_h1rTX4rQxQVhqLh-vvYWssDBHNFHHbS1i2lK2Dw8GUeAqM4ZUJLDb1Wytro4ke45y6FnkJuYO3IZpmHg0iq7tj161I5hM0fAdFJGpoqP9VI5DwiuRICr9mbEnnxb6yqLaSrZU0bqq-zHNpw1JW3oTCqHcC_NznAQ1M2UCLpIQ6EH0FIQ3kq42HyD08qPAEYYUAmGcuVcqdv2W9adgESiqGYmfvIaD_x_9CI-ZtFv64liH15-o-1SW_8WVuuIluaoXAd-sJK1tgH5R-ezW-9ZLgRztF1F3e9czu0BYMAVg2coUea0rc6wcgSpEXyWE1NMNlafjQZVfcrhXyk6wKiL3aQWUoDrCUY2xhjsZKIo4wfRpB58STSGxe_TpCZoVOfrz_XhVpD7f-H2z9IaDMQTAWOOJbOousb2b8cCwE0R0jCeamuCe1N3mHE9dlqL5yVpY0EQeWmaEB1y9b6oUjszxvZ6DdEzrKTE9SKyROokJr-ximKVRHt8THD7a1jJAuer7S1sBdavKQ",
   "expires_in":3599,
   "scope":"",
   "token_type":"bearer"
}

Please let me know how to increase this tokens expiration time (expires_in) .

Solution

  • Add the env var TTL_ACCESS_TOKEN to the desired increased value in quickstart-jwt.yml under services.hydra.environment & save the file before Step 3 (i.e before starting the hydra server).

    Ref: https://www.ory.sh/hydra/docs/guides/token-expiration/#access-token-expiration