Hello,
Is there a way to specify the expiration time for the BPMCSRF token in the OData service on Creatio? After monitoring the token, we noticed that it expires after one hour. We would like to know if it is possible to adjust or configure the expiration time for this token.
We are working on a self-hosted (on-premises) environment, and I referred to the following documentation:
https://academy.creatio.com/docs/8.x/dev/development-on-creatio-platform/integrations-and-api/authentication/oauth-2-0-authorization/oauth-token-lifetime
The documentation suggests running the following query:
update "Clients"
set "AccessTokenLifetime" = New_Token_Lifetime
where "ClientId" = Some_Client_Id
However, we could not locate the Clients table in our environment. Could you please provide guidance on how to proceed or clarify if this approach applies to our setup?
Georges
Like
The mentioned instructions apply to the OAuth authentication type. If we talk about basic authentication, BPMCSRF lives as long as the user session is active. Currently, the lifetime of the "BPMCSRF" cookie is equal to the session's lifetime, which cannot be changed.
The session's lifespan can be extended by increasing the session timeout for a specific user or the entire system.