OTP and Magic Link expiration
You can change how long a user can use an OTP or a Magic Link to log in by changing the passwordless_code_lifetime
core configuration value. This value is set in milliseconds and defaults to 900000
(15 minutes).
caution
Each new OTP / magic link generated, either by opening a new browser or by clicking on the "Resend" button, will have a lifetime as per the passwordless_code_lifetime
setting.
- With Docker
- Without Docker
- Managed Service
docker run \ -p 3567:3567 \ -e PASSWORDLESS_CODE_LIFETIME=60000 \ -d registry.supertokens.io/supertokens/supertokens-<db name>
# You need to add the following to the config.yaml file.# The file path can be found by running the "supertokens --help" command
passwordless_code_lifetime: 60000
- Navigate to your SuperTokens managed service dashboard, and click on the Edit Configuration button.
- In there, change the values of the following fields, and click on save.
passwordless_code_lifetime: 60000