From 71d60e46a4931f6830931b53ad6bb8d2217907ae Mon Sep 17 00:00:00 2001
From: Oleksii Holub <1935960+Tyrrrz@users.noreply.github.com>
Date: Thu, 19 Sep 2024 16:57:12 +0300
Subject: [PATCH] PAS-578 | Clarify MGAT TTL (#147)

---
 src/guide/api.md | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/guide/api.md b/src/guide/api.md
index bf09f179..e452cff9 100644
--- a/src/guide/api.md
+++ b/src/guide/api.md
@@ -162,7 +162,8 @@ ApiSecret: myapplication:secret:11f8dd7733744f2596f2a28544b5fbc4
 Content-Type: application/json
 
 {
-  "userId": "123"
+  "userId": "123",
+  "timeToLive": 30
 }
 ```
 
@@ -173,7 +174,8 @@ const apiUrl = 'https://v4.passwordless.dev';
 
 // Generate an authentication token, side-stepping the usual signin process.
 const payload = {
-  userId: '107fb578-9559-4540-a0e2-f82ad78852f7'
+  userId: '107fb578-9559-4540-a0e2-f82ad78852f7', // ID of the user to generate the token for.
+  timeToLive: 30 // Time in seconds the token is valid for. Default is 120 seconds.
 };
 
 // POST the user ID to the Passwordless.dev API using your API private secret.
@@ -189,6 +191,10 @@ const response = await fetch(apiUrl + '/signin/generate-token', {
 
 :::
 
+::: tip
+By default, manually generated authentication tokens are valid for 120 seconds. You can adjust this by setting the `timeToLive` parameter in the request body.
+:::
+
 ### Response
 
 If successful, the `/signin/generate-token` endpoint will return a response object, for example: