django-DefectDojo icon indicating copy to clipboard operation
django-DefectDojo copied to clipboard

Published 20 hours ago verified publisher icon DefectDojo

Add expiration to API token

Open ycrumeyrolle opened this issue 3 years ago • 0 comments

Currently the API authorization is granted through an API key which has unlimited lifetime. As there is no policy, token renewal cannot be enforced. It would be more secure to have a short life token instead, or a fixed-time living API key.

Can you consider to integrate this feature? https://pypi.org/project/django-rest-knox/ seems to be a viable solution for that.

ycrumeyrolle avatar Aug 08 '22 09:08 ycrumeyrolle