Behavior When Changing Token Security Policies

When changing the security policies affecting API tokens:

  • If a token type is disabled (by unticking the box) all existing API tokens of this type will be deleted immediately; a warning will be provided.

  • When changing the expiration value of a token:

    • If a token has not yet expired, but their current expiration is set to outside of the interval, the expiration will be set to the maximum time left for the token.

    • If an existing token's expiration is beyond the configured time in the new policy, the tokens will be deleted.

    • If an existing token is within the new timeframe, the token will continue to function until the expiration time.

This behavior can be used to immediately remove access for existing tokens if they have been created.