By default, the authentication credentials to connect to a Wallaroo Ops center timeout after 1 hour for MLOps API connections, and 1 minute for Wallaroo SDK connections.

The timeout for these token is adjusted through the Wallaroo Administrative Service.

How to Access the Wallaroo Authentication Service

Most user administration features are performed by admins through the Platform Admin Dashboard.

Additional settings are available by directly access the Wallaroo Administrative Service. This requires the following:

1. A user credential with administrative access. If for some reason no user with administrative access is available, the default admin user and credentials are retrieved by a user with kubectl and administrative access to the cluster with the following.

   • Retrieve Admin Password

     kubectl -n wallaroo \
     get secret keycloak-admin-secret \
     -o go-template='{{.data.KEYCLOAK_ADMIN_PASSWORD | base64decode }}'
     

2. Access the Wallaroo Authentication service through a browser as an administrator. The Wallaroo Authentication Service URL is in the format $WALLAROODOMAIN/auth. For example, if the Wallaroo Domain is wallaroo.example.com then the Wallaroo Authentication Service URL would be wallaroo.example.com/auth. See the DNS Integration Guide for more details on Wallaroo services with DNS.

3. Select Administration Console, then log in with an administrator account.

Configure Token Timeouts

To update the authentication token timeout period:

1. Login into the Wallaroo Administrative Service with a user account with the role admin.

2. Select Clients from the left navigation panel.

3. Select one of the following clients:

   1. api-client: The client used for MLOps API connections.
   2. sdk-client: The client used for Wallaroo SDK connections.

4. Select the Advanced tab.

5. Scroll down to Advanced Settings.

   

6. Set the Access Token Lifespan to the desired token lifespan.

7. Select Save when complete.