In the config file, below is the part of the configuration:
"JWT" => [
"SECRET_KEY" => "XXXXXXX", // JWT secret key
"ALGORITHM" => "HS512", // JWT algorithm
"AUTH_HEADER" => "X-Authorization", // API authentication header (Note: The "Authorization" header is removed by IIS, use "X-Authorization" instead.)
"NOT_BEFORE_TIME" => 0, // API access time before login
"EXPIRE_TIME" => 600 // API expire time
]
I created an API in API_ACTION, eg. getSalesTransaction.
I called the following using Postman in the following sequence:
/api/login
/api/getSalesTransaction/123
It works but if I try to call the 2nd API after 1 hour or the next day, it still can execute without having to login again. How does the timeout work or there is something I missed to configure?