From 2423c9a63cc78a80dbb24c1e2a52875931d7239a Mon Sep 17 00:00:00 2001 From: Chris Church Date: Sat, 8 Feb 2014 02:22:39 -0500 Subject: [PATCH] AC-1013 Updated API docs to indicate that an auth token is tied to remote address and user agent. --- awx/api/templates/api/auth_token_view.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/awx/api/templates/api/auth_token_view.md b/awx/api/templates/api/auth_token_view.md index fe03e3f159..c25c658aef 100644 --- a/awx/api/templates/api/auth_token_view.md +++ b/awx/api/templates/api/auth_token_view.md @@ -26,6 +26,9 @@ header: Authorization: Token 8f17825cf08a7efea124f2638f3896f6637f8745 +The auth token is only valid when used from the same remote address and user +agent that originally obtained it. + Each request that uses the token for authentication will refresh its expiration timestamp and keep it from expiring. A token only expires when it is not used for the configured timeout interval (default 1800 seconds).