Configure the Keystone Token Expiration TimeΒΆ
You can change the default Keystone token expiration setting. This may be required to provide sustained access for operations that take more than an hour.
About this task
By default, the Keystone token expiration time is set to 3600 seconds (1 hour). This is the amount of time a token remains valid. The new setting must be between 3600 seconds and 14400 seconds.
Procedure
On the active controller, become the Keystone admin user.
$ source /etc/platform/openrc
Ensure that the token_expiration parameter is defined for the identity service.
$ system service-parameter-list | grep token_expiration | 712e4a45-777c-4e83-9d56-5042cde482f7 | identity | config | token_expiration | 3600
Modify the service parameter using the following command:
$ system service-parameter-modify identity config token_expiration=7200
Apply the configuration change.
$ system service-parameter-apply identity Applying identity service parameters
Allow a few minutes for the change to take an effect.