Overview
This article explains whether it is possible to configure different expiry for client credential grant access tokens.
For example, if an API has a maximum validity of 1 hour for the access token and is shared as the audience across multiple applications, can different token validity periods be configured for applications that use the same audience?
Applies To
- Access Tokens
Solution
While the “Maximum Access Token Lifetime” setting under APIs in the dashboard allows to customize the Access Token expiry time, this value cannot be dynamically changed from request to request.
Unfortunately, it is not possible to configure the Access Token expiry time dynamically at the moment. To suggest this functionality in a future release of Auth0, please submit a feature request using the Product Feedback form. More information about this process can be found at How to Submit Product Feedback or Feature Requests