Issue
- When does One Time Password expire?
- Can you set the validity timeframe of the OTP?
Environment
- DXP 7.2+
Resolution
- OTP is HTTP session based, if the session expires, OTP expires as well. And it can only be used in the same HTTP session.
- Since OTP expiration is tied to the HTTP session, its validity depends on the session
- To change the OTP expiration time, you need to change the HTTP session's duration, which is NOT recommended