Action token lifespan configuration bug(?)

Marcelo · March 23, 2023, 2:41pm

Hi. I think I’ve found an issue in KeyCloak 20.0.2 related to overriding lifespan of action tokens.

Retrosteps:
Configuration (realm → tokens).

AS IS:
The email contains a link with token which is valid for 5 hours.

TO BE:
The email contains a link with token which is valid for 2 days, as set in execute actions input.

Marcelo · March 28, 2023, 7:33am

Someone reported exactly the same issue on github:

Marcelo · April 13, 2023, 7:42am

Gentle bump. Can someone check it out (if this is reproducable for someone)?

Topic		Replies	Views
Keycloak Action Token for Email Verification Extending the server	1	1281	April 8, 2021
Getting verify-email action token Getting advice	9	2673	November 12, 2021
Execute Actions Email - Request Body Getting advice	2	4100	December 28, 2022
Delayed Email verification Getting advice	2	682	July 27, 2022
Provide link to resend expired update password email Getting advice	5	2118	December 19, 2023