Auth0 Home Blog Docs

Is there a max value for the redirect to url lifetime in the email templates?

change-password
email-template

#1

There is no validation in the “Change Password” template’s form and field allows to set value up to 99999999999 seconds. Are there any restrictions?


#2

There are no restrictions as of now, but I wouldn’t be surprised if some kind of limit is enforced in the future. What would be a good value for you?


#3

Thanks for your response, Nicolas.

We are hoping to use one year lifetime period for links.


#4

Just curious from a product perspective: what would be the scenario where the expiration for the Change Password should be more than a few minutes? Keep in mind that when the duration increases, so does the security risks of the link getting in the wrong hands and used to gain access to an account.


#5

You are correct about security risks.

Long story short we are planning to use change password email template as a workaround for the invitation links.