Http request login

Is it possible to setup non expiring token?

Yes…!! It is :slight_smile:

It depends on how you are configuring. on server settings also you can manage it and if you are using any third party packages there also you can manage.

We can use non Expiring tokens but at the server end we have some mechanism like self encoded token and it should be stored in some sort of storage media like Database so in case of any need , if you dont want to allow a user to access the methods again then you can mark that too from your database update :slight_smile:

But for sake of better security, tokens should have an expiry limit.

A common method of granting tokens is to use a combination of access tokens and refresh tokens for maximum security and flexibility.

Tokens have an expiration, otherwise someone could authenticate forever to the API once they logged in at least once.

The main benefit of this approach is that the service can use self-encoded access tokens which can be verified without a database lookup. However, this means there is no way to expire those tokens directly, so instead, the tokens are issued with a short expiration time so that the application is forced to continually refresh them, giving the service a chance to revoke an application’s access if needed.

Regards…!!
Aksh

Thank you for your answer. I understand security issues of setting non expiring token but if I’d like to make such would it be possible to configure non expiring tokens by web.config ?
Auth.Cookie.Expire in orchestrator web.config holds information about token expiration time.
Setting Auth.Cookie.Expire to 0 would make it a nonexpiring token? Or maybe do you know if there is any other setting in web.config for that?

I am trying to call the authenticate API using Node.js with No luck I tried every possible combination but nothing seems to be working. If possible, can you please share your solution. I have also requested for help in the below post, any help is really appreciated.

hey can anyone resolve my problem I am a new learner with UiPath concepts …I am trying to authenticate the orchestrator api even though I provided with correct credentials it is prompting me an error : {
“message”: “{"message":"Invalid credentials, failed to login.","errorCode":1000,"resourceIds":null}”,
“level”: “Information”,
“logType”: “User”,
“timeStamp”: “06:08:06”,
“processVersion”: “1.0.0”,
“jobId”: “1e97274a-f684-4b5a-a862-3684b0f0f7c8”,
“robotName”: “Tejaswi”,
“machineId”: 46081
}
thank you