Identity and Access management

 

Search this space

Credentials

User accounts are secured and authenticated via email address and password.

Email addresses are initially validated upon account creation by sending an email with a secure (per user hash) URL which must be clicked on prior to the account being verified.

If an end user forgets their password, they can request their password be reset from our login page, which sends an email to the account of record that includes a reset link with a unique key.

Session Timeout and Password Policies

Tidepool does not have a user or clinic configurable timeout or password policy at this time.

Tidepool users are required to have a password between 8 and 72 characters with no whitespace.

Session tokens expire after 8 hours of inactivity and 24 hours maximum

Remember Me sessions - 7 days of inactivity, 30 days maximum

sample JWT session token (time is in Unix timestamp format)

{"alg":"RS256","typ":"JWT"}.{"aud":"api.tidepool.org","dur":2592000

The content of the Tidepool Technical Documentation is licensed under a Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication.