How to create an auth_token that doesn't timeout?

aikkai.lim · November 28, 2020, 3:20pm

I’m managing several MIQ for different regions and I receive several requests for each region on a daily basis.

Currently, I’ll have to go to individual MIQ to provision the requests. I’m in-progress of developing a frontend application which manages provisioning requests for all of my MIQ by leveraging the APIs (/api/service_orders/cart).

The issue I have is that each MIQ session lasts only 3600s by default and my frontend application doesn’t timeout so I can keep submitting requests.

How can I create an auth_token on MIQ that doesn’t timeout, and use it for my frontend application to submit service orders?

Fryguy · November 28, 2020, 6:59pm

hi @aikkai.lim, I think you can up the timeout to a really high value in the Settings. @abellotti might know the specific key, but check the api and/or auth sections in advanced settings.

aikkai.lim · November 30, 2020, 2:43am

Hi @Fryguy, thank you for responding. Where might I find the advanced settings you mentioned? Under Configuration > Database > advanced_settings table?

pemcg · November 30, 2020, 10:12am

Have a look in Configuration -> Settings -> <your_server> -> Authentication

pemcg

aikkai.lim · November 30, 2020, 11:11am

Thank you @pemcg. I found the Authentication config as shown by you, however, the max it can go is 24 hours. I’m not able to edit this field to accept perhaps days, as my requirement is to never timeout any session.

Do you know any other work around?

pemcg · November 30, 2020, 11:32am

You can edit the Advanced configuration YAML directly to increase the timeout, have a look for:

:session:
  :interval: 60
  :memcache_server: 127.0.0.1:11211
  :memcache_server_opts: "-l 127.0.0.1 -I 1M"
  :show_login_info: true
  :timeout: 7200

It sounds like you’re effectively trying to disable authentication altogether?

aikkai.lim · November 30, 2020, 11:42am

In a way yes. However, that token will only be used for an automation application to automate provisioning on different regional MIQs.

Can the yaml configuration be set for specific user? E.g. I only want the automation user (user used for the automation application) to have non-timeout session. Other users should use the default timeout.

Fryguy · November 30, 2020, 3:01pm

I don’t believe you can change it per-user… perhaps @hkataria or @abellotti know?

hkataria · November 30, 2020, 4:06pm

@Fryguy you are right, session timeout setting is not per user based setting.