Create labels, ability to list, and ability to delete/revoke domain tokens attached to account. #7
Comments
|
At the moment, access tokens have a creation date, an expiration date, and a scope. The scope is either "owner" (account access token) or "domain" (domain access token). I have the user access tokens expire after 12 hours without any heartbeat activity. The domain tokens don't ever expire because they are what associates an account with a domain. I'm not happy with that and am thinking of expiring them after some period of no domain heartbeat. A week? A month? Would a "note" field be a good addition? A token admin API is a good idea. I'll use this issue to hold discussion of token design and start another issue about building a general admin panel for the metaverse-server. |
|
I was just looking at the domain token generation pages high fidelity created, they had you put in a human readable label before they generated them, or they just put a generic label on it it along the lines this was created at this date and time. then they had another page at the metaverse site that listed all the domain token you have generated by their labels and gave you the option to delete them one at a time. |
Need to create and modify api and associated web pages to be able to label a token when created. With labels another api should be created to list all domain token that account has created with the purpose of being able to revoke them do to security. The tokens should not be listed but only the labels of the tokens so they can be revoked with a delete access point.
The text was updated successfully, but these errors were encountered: