A question of JWT: the token is expired

Because I didn’t find out where to set the token expiration time in the UI of Hopsworks, I read the source code and I found that the token expiration time had been written into the source code (io.hops.hopsworks.common.util.Settings.SERVICE_JWT_LIFETIME_MS). If I want to modify the expiration time, do I have to modify the source code?

BTW, I also tried to use the API (PUT: hopsworks-api/api/jwt) to renew an application token, and the return message was “Client not authorized for this invocation.” Has anyone ever run into this problem?

Any suggestions will be much appreciated.

Hi Freeman
The jwt token expiration time can be changed from the Admin ui
go to the edit variables page and change ‘jwt_lifetime_ms’ it is in milliseconds. Do not forget to reload and logout and login again.

About the API (PUT: hopsworks-api/api/jwt) it is only allowed for internal services.

Hi ermias,

Thank you very much for your reply. :slight_smile:
BTW, could you tell me where I can find the descriptions of these variables? Although the name of these variables looks easy to understand, I still want to know what they mean exactly.

For now you can look here to find the description of variables.

It will be added to the documentation soon.

OK, thank you for your reply.