I’m trying to set up token TTLs for the LDAP and app-id auth methods (we’re moving to AppRole for the latter, this is a stopgap) and am having difficulty setting the token_ttl parameter for LDAP.
In the documentation, it says that the token_ttl argument is “The incremental lifetime for generated tokens”.
When I run:
vault write auth/ldap/config token_ttl=168h
to set a 168-hour TTL, I get a message indicating support, yet when I read the config back, the parameter is not present.
Additionally, I don’t see the argument listed in the source code.
Is this actually currently supported and, if not, is there a better way to set auth method-specific token TTLs? Thanks!