hi <@498057949541826571> I test endpoints via post...
# support-questions-legacyc
ceylan_89116
02/23/2024, 7:37 AMhi @rp_st I test endpoints via postman. For this, I need to refresh tokens at regular intervals. Is there a token for postman that does not require refresh?
r
rp_st
02/23/2024, 7:56 AMhey @ceylan_89116 not really. You can extend the access token lifetime though in the core if you like.
c
ceylan_89116
02/23/2024, 7:58 AMWell, this period will change for all users, right? Can it be done on a user basis?
r
rp_st
02/23/2024, 7:58 AM> Well, this period will change for all users, right?
It will.
rp_st
02/23/2024, 7:59 AM> Can it be done on a user basis?
You can do it if you add a custom claim in tokens that acts as an artificial exp, and then for postman tokens, don't add that custom claim.
Then post verification of the access token in your api, check the custom claim in the payload and if it's expired based on that, then send back a 401
rp_st
02/23/2024, 8:00 AMso the actual value in the core will be very high. But the custom claim will artificially shorten the token's lifetime
c
ceylan_89116
02/23/2024, 8:01 AMokey, thank you @rp_st .
8 Views