build.sec-jwt-expiry Calculator
Calculates JWT access token lifetime, refresh token rotation interval, and session revocation coverage from security requirements and UX tolerance. Short-lived access tokens (5–15 min) limit exposure from token theft — refresh tokens enable seamless re-authentication without re-login.
Inputs
- Access Min
- Duration of the process. Make sure units match the rate inputs (seconds, minutes, or hours).
- Refresh Day
- Duration of the process. Make sure units match the rate inputs (seconds, minutes, or hours).
- Users
- Rate of charge flow (A). I = V/R. Above ~100 mA through the body can be lethal. Fuses protect against overcurrent.
Results
- access token TTL
- Sample size or count used in the calculation.
- rotations/user/month
- The value at the specified point or condition.
- total active tokens
- The combined total across all inputs and components.
- max exposure
- Reference formula or conversion factor shown for context.
expiry session lifetime token rotation