Brian,
Currently we have set the security token expiration to 1 hr.
1) I would like to know the security implications of increasing it to
24 hrs.
2) I would like to know the recommended ways of updating the security
token - because 1 hr doesn't seem to work for the oauth plugins that we
are developing.
For instance, i have an oauth gadget whose st is set to expire to 1 hr..
Currently, the only way i see that i can update the st in ifr request is
to do a gadget refetch. This won't work for me, as I lose the plugin
state, i have no way of landing the user back to the same state as they
were - before st expired.
Is there a way we can update the security token ?
thanks in advance for your help,
