Adjust the max expiration date of access tokens to 13 months

A Premium, Self-Managed customer offered the following feedback to the deprecation of non-expiring access tokens (documentation link):

I would like to go on the record stating that “12 months” is a terrible policy, as new tokens will have to be issued before the old ones expire, resulting in a creeping renewal date (earlier every year). HTTPS certificates, in contrast, have a 13-month lifespan, which allows organizations to schedule renewals on, say, “The second Tuesday of June” every year, and grants a little wiggle room to issue the new token before the old token expires.

Problem to solve

The one year expiration date for access tokens is not ideal, as new tokens will have to be issued before the old ones expire, resulting in a creeping renewal date (earlier every year). 

Proposal

Turn the max one year expiration into 13 months.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.