From b595cb0c1dec83de5bdee18284abe86614bed33b Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 20 Jul 2022 15:40:28 +0000 Subject: Add latest changes from gitlab-org/gitlab@15-2-stable-ee --- doc/integration/oauth_provider.md | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) (limited to 'doc/integration/oauth_provider.md') diff --git a/doc/integration/oauth_provider.md b/doc/integration/oauth_provider.md index e33f874d35a..962f5c4e5fb 100644 --- a/doc/integration/oauth_provider.md +++ b/doc/integration/oauth_provider.md @@ -86,7 +86,7 @@ To create an application for your GitLab instance: When creating application in the **Admin Area** , you can mark it as _trusted_. The user authorization step is automatically skipped for this application. -## Expiring access tokens +## Access token expiration > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21745) in GitLab 14.3, with the ability to opt out. > - Ability to opt-out of expiring access token [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in GitLab 15.0. @@ -96,13 +96,8 @@ The ability to opt-out of expiring access tokens was [deprecated](https://gitlab in GitLab 14.3 and [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/340848) in 15.0. All existing integrations must be updated to support access token refresh. -Access tokens expire in two hours which means that integrations that use them must support generating new access -tokens at least every two hours. Existing: - -- Applications can have expiring access tokens: - 1. Edit the application. - 1. Select **Expire access tokens**. -- Tokens must be [revoked](../api/oauth2.md#revoke-a-token) or they don't expire. +Access tokens expire after two hours. Integrations that use access tokens must generate new ones at least every +two hours. When applications are deleted, all grants and tokens associated with the application are also deleted. -- cgit v1.2.1