Configure the Duration of an HTTP Bearer Token

You set the duration of HTTP bearer tokens in the /etc/vcac/security.properties file on the vRealize Automation appliance.

The effective duration or lifetime of an HTTP bearer token depends on the duration of its corresponding SAML token, which the SSO server creates at request time. An HTTP bearer token expires when it reaches the end of its configured duration, or at the end of the configured duration of the SAML token, whichever comes first. For example, if the configured duration is three days for the HTTP bearer token and two days for the SAML token, the HTTP bearer token expires in two days. A configuration setting on the SSO server determines the duration of SAML tokens.

Prerequisites

  • Log in to the vRealize Automation appliance with SSH as root. The password is the one you specified when you deployed the appliance.
  • The /etc/vcac/security.properties file on the appliance must be editable.

Procedure

  1. Open the /etc/vcac/security.properties file for editing.
  2. Add the following lines to the file, where N is an integer specifying the duration of the token in hours. 
    identity.basic.token.lifetime.hours=N
#The number is in hours.
  3. Save and close the file.
  4. Log out of the vRealize Automation appliance.

Results

The new value applies the next time someone requests an HTTP bearer token.