[#1087] API Authentication

system · August 6, 2023, 11:06am

Migrated from Redmine #1087 | Author: Sjors sjors
Status: New | Priority: High, I’m very impatient | Created: 2023-08-06

We are currently developing our integration with simplybook and have a question with regards to the authentication process:

How many authentication attempts (both for the auth token and refresh token) can be made before receiving the ‘Too many attempts please try later.’ error?
How long is a auth token and refresh token session valid?

system · August 11, 2023, 11:58am

Redmine Admin wrote:

hi,

It must be reasonable number of attempts, we cannot disclosure exact number for security reasons
auth token is valid 30 minutes, refresh token is valid forever (except some actions made by admin tom invalidate it) but can be used one time only