Acquisition complete HashiCorp officially joins the IBM family. Learn more
HashiCorp Cloud Platform
HashiCorp Cloud Platform Home

Configure authentication time to live

You can configure the time-to-live (TTL) and time-to-stale (TTS) settings that control how often Boundary requires a user to authenticate. The TTL setting controls the lifespan of an auth token, while the TTS setting controls how long Boundary permits an auth token to be inactive.

Complete the following steps to configure the time-to-live and time-to-stale settings for any auth tokens your HCP controllers issue.

  1. Log in to the HCP Portal, and navigate to the Overview page for the Boundary cluster you want to configure.
  2. In the Controller configuration section, click Edit.
  3. Complete the following fields on the Auth Token TTL tab:
    • Time to Live: Enter the number of hours you want to let auth tokens be valid before requiring a user to authenticate again. Click Set to default to set the time-to-live setting to the default value.
    • Time to Stale: Enter the number of hours you want to let auth tokens be inactive before requiring a user to authenticate again. Click Set to default to set the time-to-stale setting to the default value.
  4. Click Save.

The updated settings apply to any new sessions you create. You can view the updated settings on the cluster Overview page in the Controller configuration section.