I am using X-Pack 5.5.2 and have integrated them into Elasticsearch and Kibana. I am trying out the Security API for a use case, which is to restrict the search results depending on the user's role. The user will first need to log into the application.
Currently I am looking at the Authenticate, User Management and Role Management APIs. There is also this Token Management API.
In the Token Management API, there is a "expires_in" which is defaulted to 1200. Can this value be changed to a longer duration?
If I use the Authenticate API, is the Token Management API needed? In what cases is the Token Management API suitable for?