In the Device Explorer for IoT Hub when generating the SAS token what is the maximum TTL that can be set?
I don't want to it ever expire in the best case scenario.
Inserting 0 doesn't help, when the connection is lost it never gets reconnected.
0
votes
2 Answers
0
votes
Have a look at the Device Explorer implementation in the GitHub:
decimal ttlValue = numericUpDown1.Value;
var sasBuilder = new SharedAccessSignatureBuilder()
{
Key = this.selectedDeviceKey,
Target = String.Format("{0}/devices/{1}", iotHubHostName, WebUtility.UrlEncode(this.selectedDeviceId)),
TimeToLive = TimeSpan.FromDays(Convert.ToDouble(ttlValue))
};
sasRichTextBox.Text = deviceConnectionStringWithSAS(sasBuilder.ToSignature()) + "\r\n";
0
votes
Having a public token that never expires is not a good idea in principle: if an entity captures and manages to decrypt the message on it's way to the Cloud it could use the token to impersonate the device and you wouldn't know its not the device... That's the reason why a good practice is to renew the SAS token regularly. Our open source device SDKs implement the generation and renewal of the SAS token based on a private key that never goes on the wire. Why not implementing this instead of hardcoding a never expiring token?
