feat: add separate max token lifetime for administrators (#18267)

# Add separate token lifetime limits for administrators

This PR introduces a new configuration option `--max-admin-token-lifetime` that allows administrators to create API tokens with longer lifetimes than regular users. By default, administrators can create tokens with a lifetime of up to 7 days (168 hours), while the existing `--max-token-lifetime` setting continues to apply to regular users.

The implementation:
- Adds a new `MaximumAdminTokenDuration` field to the session configuration
- Modifies the token validation logic to check the user's role and apply the appropriate lifetime limit
- Updates the token configuration endpoint to return the correct maximum lifetime based on the user's role
- Adds tests to verify that administrators can create tokens with longer and shorter lifetimes
- Updates documentation and help text to reflect the new option

This change allows organizations to grant administrators extended token lifetimes while maintaining tighter security controls for regular users.

Fixes #17395
Thomas Kosiewski
2025-06-06 17:36:30 +02:00
committed by GitHub
parent 348d19ddb7
commit f569d9c33d
12 changed files with 178 additions and 13 deletions
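The role-dependent check the commit message describes (pick the admin cap for administrators, the regular cap for everyone else, and reject requests above it) can be written out as a small, self-contained Go program. This is an added illustration, not Coder's code from this PR: the `Role` enum, the `SessionConfig` struct, the function names `MaxTokenLifetimeFor` and `ValidateTokenLifetime`, the fallback from an unset admin cap to the regular cap, and the reading of a zero cap as "no limit" are all assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Role is the caller's site role. Only the owner role is treated as an
// administrator here; the name and the two-value enum are assumptions.
type Role int

const (
	RoleMember Role = iota
	RoleOwner
)

func (r Role) String() string {
	if r == RoleOwner {
		return "owner"
	}
	return "member"
}

// SessionConfig holds the two deployment options named in the commit message:
// MaximumTokenDuration (--max-token-lifetime) and MaximumAdminTokenDuration
// (--max-admin-token-lifetime). The struct layout is an assumption.
type SessionConfig struct {
	MaximumTokenDuration      time.Duration
	MaximumAdminTokenDuration time.Duration
}

var (
	ErrNonPositiveLifetime = errors.New("token lifetime must be greater than zero")
	ErrLifetimeTooLong     = errors.New("token lifetime exceeds the maximum for this role")
)

// MaxTokenLifetimeFor returns the cap that applies to a caller with the given
// role. Admins get the admin cap only when one is configured (> 0); an unset
// admin cap falls back to the regular cap so it can never silently widen the
// limit. The fallback semantics are an assumption for this illustration.
func MaxTokenLifetimeFor(cfg SessionConfig, role Role) time.Duration {
	if role == RoleOwner && cfg.MaximumAdminTokenDuration > 0 {
		return cfg.MaximumAdminTokenDuration
	}
	return cfg.MaximumTokenDuration
}

// ValidateTokenLifetime rejects a requested lifetime that is non-positive or
// longer than the caller's cap. A cap of 0 is treated as "no limit" here,
// which is also an assumption, not a statement about Coder's behaviour.
func ValidateTokenLifetime(cfg SessionConfig, role Role, requested time.Duration) error {
	if requested <= 0 {
		return ErrNonPositiveLifetime
	}
	limit := MaxTokenLifetimeFor(cfg, role)
	if limit > 0 && requested > limit {
		return fmt.Errorf("%w: %s requested %s, limit %s",
			ErrLifetimeTooLong, role, requested, limit)
	}
	return nil
}

func main() {
	// Constructed deployment: 24h for everyone, 168h (7 days) for admins.
	cfg := SessionConfig{
		MaximumTokenDuration:      24 * time.Hour,
		MaximumAdminTokenDuration: 168 * time.Hour,
	}
	for _, role := range []Role{RoleMember, RoleOwner} {
		for _, req := range []time.Duration{time.Hour, 72 * time.Hour, 200 * time.Hour} {
			err := ValidateTokenLifetime(cfg, role, req)
			fmt.Printf("%-6s requests %-6s -> cap %-5s err=%v\n",
				role, req, MaxTokenLifetimeFor(cfg, role), err)
		}
	}
}
```

The point worth keeping from this shape is that the role decides the cap in one place, so the token-creation endpoint and the endpoint that reports the maximum lifetime to the UI cannot disagree, and that an unset admin cap degrades to the stricter regular cap rather than to "unlimited".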
@@ -454,6 +454,7 @@ curl -X GET http://coder-server:8080/api/v2/deployment/config \
"default_duration": 0,
"default_token_lifetime": 0,
"disable_expiry_refresh": true,
"max_admin_token_lifetime": 0,
"max_token_lifetime": 0
},
"ssh_keygen_algorithm": "string",
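Review bot: the new `max_admin_token_lifetime` field appears in this reference example only as the `0` placeholder beside `max_token_lifetime`, and nothing in the hunk says how a zero value is interpreted (no admin-specific cap, falling back to `max_token_lifetime`, or unlimited) or that the 7-day (168h) default from the commit description applies; add a one-line description of the field and its default wherever the other session options (`max_token_lifetime`, `default_token_lifetime`) are described so readers of the API reference do not have to infer the semantics from the CLI help text.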