I am working on creating a REST ws exposing few API's. A token is required for each API call. I am confused about the expiry time to be set for the token.
Security+Performance wise what is the ideal expiry time for token (if there is one)?
restweb services
I am working on creating a REST ws exposing few API's. A token is required for each API call. I am confused about the expiry time to be set for the token.
Security+Performance wise what is the ideal expiry time for token (if there is one)?
Best Answer
Generally speaking I'd say it depends on what the API is for.