From c85293285a9304cab832374c29e85ba02ceb79e0 Mon Sep 17 00:00:00 2001
From: piccadilly-circus <134370605+piccadilly-circus@users.noreply.github.com>
Date: Mon, 4 Nov 2024 13:10:41 +0500
Subject: [PATCH] Where to add the auth tokens

---
 user/enterprise/support-admin-tool.md | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/user/enterprise/support-admin-tool.md b/user/enterprise/support-admin-tool.md
index 93cbabfba04..bf288f42dfd 100644
--- a/user/enterprise/support-admin-tool.md
+++ b/user/enterprise/support-admin-tool.md
@@ -24,9 +24,20 @@ Consider the following: The user gets suspended, e.g., in the GHE server (3rd-pa
 
 Such a situation may be valid and desired. However, there are cases, like a person leaving a company or team, when it is simply a security matter to revoke all accesses for such users. Travis CI cannot react automatically since no automated notification has been sent out, e.g., the GHE server account is suspended. If you are considering a less drastic approach, you may consider manually [suspending a user](/user/enterprise/user-management/) instead of logging out and revoking all tokens. 
 
-Suspended users still have access to Travis CI via browser or travis-cli (assuming they have valid Travis access tokens present in these tools) but cannot trigger builds. 
+Suspended users still have access to Travis CI via browser or travis-cli (assuming they have valid Travis access tokens present in these tools) but cannot trigger builds.
+
+### Auth tokens
+
+Following environment variables are used to manage the life of token.
+
+- `WEB_TOKEN_EXPIRES_IN_HOURS`
+- `AUTH_TOKEN_EXPIRES_IN_DAYS`
+- `AUTH_CLI_TOKEN_EXPIRES_IN_DAYS`
+
+These tokens can be set using the admin console `kubectl kots admin-console -n tci-enterprise-kots` under the "Advanced Setting" menu.
 
 ## Re-accessing Travis CI
 To re-access Travis CI, users must log in using a 3rd-party authenticator such as GitHub (browser, travis-cli), GitLab, or  BitBucket (browser). Only with access can users see the private repositories, build history, build job logs, and obtain new Travis API tokens.
 
 Please note: if such users (logged out and tokens revoked) are, e.g., suspended in the GHE server, they will be unable to successfully use their GHE server account to log into Travis CI UI or travis-cli.
+