Support to specify refresh token expiration time on Login API request

joaogoncalves · 17 May 2023, 18:04

Hi everyone!

We have an application with all our users but we have to distinguish the logins that are coming from the mobile and web apps and set different durations to the issued refresh token. Since this setting is an application (or tenant setting), how can we do such a thing?

Thank you!

dan · 18 May 2023, 00:27

@joaogoncalves

Can you give an example of what you're trying to accomplish with an example, please?

joaogoncalves · 18 May 2023, 09:29

Hi @dan !

Basically, I need an optional parameter on Login API endpoint that overrides the Application/Tenant JWT token and refresh tokens duration times.

The use case is 1 Application with all the users and I need different session times for the web and mobile apps.

Maybe there is another workaround for this scenario?

Thank you!

dan · 31 May 2023, 14:31

@joaogoncalves Hiya, I don't think that is supported. I'd suggest using two different Application configurations in FusionAuth, though I'm sure that's something you've already considered.

Feel free to file a feature request: https://github.com/FusionAuth/fusionauth-issues/issues/