Hi! Is there a possibility to automatically invalidate access tokens after a period of time? I am talking about
which gets set as a cookie once logged in. Even if I set the “Login expiration in days” to 1 in the Admin settings, I can still do REST API calls indefinitely after 1 day by setting the
to whatever the
I came across this “official” answer from a Rocket.Chat employee saying
Currently the authentication tokens obtained via the Rocket.Chat REST API have no expiration date.
I wonder if that changed somehow during the last 3 years can anyone help?