Token Configuration
Token configuration defines how Guardian generates and manages JWT tokens (access tokens, refresh tokens, and ID tokens) for authenticated users.
Table name: token_config
| Field | Type | Description |
|---|---|---|
| tenant_id | CHAR(10) | Tenant identifier (Primary Key) |
| algorithm | VARCHAR(10) | Token signing algorithm |
| issuer | VARCHAR(256) | Token issuer identifier |
| rsa_keys | JSON | RSA key pair in JSON format, list of objects where each object has keys |
| access_token_expiry | INT | Access token JWT expiration time in seconds |
| refresh_token_expiry | INT | Refresh token expiration time in seconds |
| id_token_expiry | INT | ID token JWT expiration time in seconds |
| id_token_claims | JSON | Claims (key-values) to include in the ID Token payload (must be part of get user response) |
| cookie_domain | VARCHAR(256) | Domain for setting cookies |
| cookie_path | VARCHAR(256) | Path for setting cookies |
| cookie_secure | BOOLEAN | Whether cookies should be secure (HTTPS only) |
| cookie_http_only | BOOLEAN | Whether cookies should be HTTP-only (not accessible via JavaScript) |
| cookie_same_site | VARCHAR(10) | SameSite attribute for cookies (LAX, STRICT, NONE) |
Prerequisites
Section titled “Prerequisites”- Tenant Configuration - A tenant must be created first
Related Configurations
Section titled “Related Configurations”- Client Configuration - Required for all flows
- User Configuration - Required for all flows