Configure the Keystone Token Expiration Time¶

You can change the default Keystone token expiration setting. This may be required to provide sustained access for operations that take more than an hour.

About this task

By default, the Keystone token expiration time is set to 3600 seconds (1 hour). This is the amount of time a token remains valid. The new setting must be between 3600 seconds and 14400 seconds.

Procedure

On the active controller, become the Keystone admin user.
```
$ source /etc/platform/openrc
```

Ensure that the token_expiration parameter is defined for the identity service.

$ system service-parameter-list | grep token_expiration

| 712e4a45-777c-4e83-9d56-5042cde482f7 | identity | config | token_expiration | 3600

Modify the service parameter using the following command:

$ system service-parameter-modify identity config token_expiration=7200

Apply the configuration change.
```
$ system service-parameter-apply identity

Applying identity service parameters
```
Allow a few minutes for the change to take an effect.

Configure the Keystone Token Expiration Time

Configure the Keystone Token Expiration Time¶

StarlingX