2020-12-01 00:58

Keychain validity period | expiry

I am using this package to save JWT tokens instead of actual passwords. Is there a validity period for what you save to the Keychain? Or an API to set that for either IOS or Android... Otherwise I guess I will have to manually delete the tokens after a given period and refresh them...


  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答


  • weixin_39725403 weixin_39725403 5月前

    I'm afraid not; it's up to you to validate the validity on read.

    点赞 评论 复制链接分享
  • weixin_39992417 weixin_39992417 5月前

    So this means the credentials are stored on the keychain indefinitely? No external events (from OS, other apps) can clear it except from your app code?

    点赞 评论 复制链接分享
  • weixin_39725403 weixin_39725403 5月前

    You can clear it by uninstalling the app, but even that will not clear it directly.

    点赞 评论 复制链接分享
  • weixin_39919089 weixin_39919089 5月前

    When you say "not clear it directly" what do you mean? I've uninstalled and reinstalled an iOS app using this library only to find out previously stored credentials still exist. See also #135.

    You shouldn't have to worry about expired JWTs; once they're expired, it doesn't matter if they remain on the device, they're unusable. To ensure tokens are refreshed on expiry, I use a small utility that wraps fetch and checks the token's expiration claim (if stored) or checks to see if a request returns a 401 response code. If the token is expired/invalid, a token refresh is automatically attempted. To handle persisted keychain data between app reinstalls, take a look at: https://stackoverflow.com/questions/4747404/delete-keychain-items-when-an-app-is-uninstalled

    点赞 评论 复制链接分享
  • weixin_39571219 weixin_39571219 5月前

    please see answer from eskimo in https://forums.developer.apple.com/thread/36442

    点赞 评论 复制链接分享