Does Approle secret ID TTL timeout when set to 0?

Hi I’m looking into using Approle authentication for our app. I am setting the secret ID ttl to 0, so I don’t need to update it.
I was wondering if the secret id ever expires after a long period of time or it lasts forever? I encounter this post on slackoverflow: app secret - How to use Hashicorp Vault's AppRole in production? - Stack Overflow.
Just want to double check since the default TTL was not discussed in the Approle Pull Authentication tutorial: AppRole Pull Authentication | Vault - HashiCorp Learn


secret_id_ttl of 0 does indeed mean unlimited.

I’m a little confused, you’re using approle but don’t want to use your secret id? What’s the purpose of the approle then?

Maybe you mean you don’t want the approle to linger after use? If so you can set the use secret_id_num_uses to 1 … which means the secret id expires after a successful authentication (during the TTL). I have not test this, but my guess is that setting the TTL of a secret-id to 0 would be the same as not setting it and the TTL reverts to the default of cluster max-ttl.

Not correct - 0 is unlimited for AppRole SecretIDs.