Hi,
i want to embed Notebooks in iFrame and therefore would like to authenticate users only using token in URL (?token=).
As i don’t want to persist tokens and REST GET API doesn’t return value to use, I’m always generate new one, when user navigate/refresh page, “expires_in” property always set.
Problem #1: After some time i see user token with: “expires_at”: null, and partial scopes, is it OK? I always set “expires_in” for all tokens.
Problem #2: after few token generations(not sure about the exact flow), I start getting
403 and can’t navigate to Notebook anymore, or sometimes can navigate, but cell executions just don’t print any results, since connection to kernel failing
Is there any configuration to fix this? Is my flow to generate token each time is not correct?
How do you ‘see’ this? It could be e.g. the server API token that the user’s server users to talk to the Hub API (it does not expire at a specific time, instead it expires when the server stops).
For problem 2, it would help to see logs surrounding the errors and more configuration of how user servers are spawned and the tokens requested. It should be fine to generate as many tokens as you like.
#2 I just see that the kernel in starting state and it doesn’t change(since yesterday), from the browser debugger: response to: “/user/u15/api/kernels” is:
Ok, I am getting closer. #2 seems like some browser storage problem. When i clear Chrome cache problem solved, but after a while showing again.
Maybe when new token is generated, browser fails to create/override cookies.
tells us it’s the server’s own API token. It should go away when the server stops. These tokens will exist while servers are running. They don’t have time-based expiry, but they are revoked at server shutdown.