Token Expiry - CI/CD Glossary Definition
Token expiry is the time (the exp claim) after which a token is no longer valid, bounding how long a leaked or stale token can be used.
Short is safer
Short lifetimes limit exposure but need a refresh or re-issue mechanism. Verifiers must reject expired tokens and allow only small clock skew.
In CI/CD
OIDC-derived cloud credentials expire within an hour, so even a leaked build log token becomes useless quickly.
Related guides
Token Revocation - CI/CD Glossary DefinitionToken Revocation: Token revocation is invalidating a token before it naturally expires, used when a credentia…
Access Token - CI/CD Glossary DefinitionAccess Token: An access token is a credential a client presents to an API to prove it is authorized for a sco…
Claim - CI/CD Glossary DefinitionClaim: A claim is a name-value statement carried inside a token, such as `sub`, `iss`, or a custom field, tha…