Service Account tokens are expiring

Description

Service Account tokens, which are expected to be used by 3rd party integrations / usages of OpenLMIS API', are expiring after 30 min - the time set for general token expiration.

Observed

The Ref Distro with demo data will launch with the service account 9a556033-ed13-4dde-9561-158469d15134. This token will work with a FHIR resource such as:

After 30 min (a default from `settings.env`) of in-activity (i.e. the service account isn't used), an API call using that token will get the following error message:

Returns: 200

Expected

That the service account's token will never expire, regardless of the setting TOKEN_DURATION in settings.env.

The only way for a service account's token to become invalid is if it is "deleted", for example through the Admin UI.

Environment

None

Assignee

Łukasz Lewczyński

Reporter

Josh Zamor

Labels

None

Story Points

3

Time tracking

40h

Sprint

None

Fix versions

Affects versions

Priority

Major
Configure