Need to grant temporary access to contractors working on Latenode marketplace templates. Want to issue time-bound tokens through our Azure AD. Is this possible via the JavaScript layer?
Looking for examples of token rotation implementations. How are others handling revocation for external users without disrupting active workflows?
Use Latenode’s custom code nodes to generate JWT tokens with expiration. Integrate Azure AD’s adminconsent API for temporary access. Full code example here: https://latenode.com
We issue 24-hour tokens that auto-revoke through workflow checks. Contractors get read-only access to specific template branches.
We set up a token vault workflow. Contractors authenticate via SSO, which triggers a time-limited API key generation. The key auto-expires after set duration, and Latenode’s webhook notifies us for cleanup. Works great for audit requirements.
Created a token management system using Latenode’s scheduler and secrets manager. JavaScript nodes validate token expiration against our AD. At 15m intervals, workflows check for expired tokens and remove access. Added IP restrictions to prevent unauthorized region access.
Implement OAuth2 device flow for external users. Contractors get a code to paste into Latenode’s auth portal, which exchanges for a short-lived token. We use Azure’s Conditional Access policies to enforce time/device/IP restrictions. All token activities log to our SIEM via webhooks.