((p "If" " " "an" " " "user" " " "is" " " "authenticated," " " "an" " " (@L (@H "“") "access" " " "token" (@H "”")) " " "is" " " "created" " " "that" " " "must" " " "be" " " "sent" " " "with" " " "every" " " "request" " " "to" " " "prove" " " "the" " " "identity" " " "of" " " "the" " " "caller." " " "Otherwise" " " "the" " " "user" " " "will" " " "not" " " "be" " " "recognized" " " "by" " " "Zettelstore.") (p "If" " " "the" " " "user" " " "was" " " "authenticated" " " "via" " " "the" " " (a (@ (href . "00001014000000")) "web" " " "user" " " "interface") "," " " "the" " " "access" " " "token" " " "is" " " "stored" " " "in" " " "a" " " (a (@ (class . "external") (href . "https://en.wikipedia.org/wiki/HTTP_cookie#Session_cookie")) (@L (@H "“") "session" " " "cookie" (@H "”"))) "." " " "When" " " "the" " " "web" " " "browser" " " "is" " " "closed," " " "theses" " " "cookies" " " "are" " " "not" " " "saved." " " "If" " " "you" " " "want" " " "web" " " "browser" " " "to" " " "store" " " "the" " " "cookie" " " "as" " " "long" " " "as" " " "lifetime" " " "of" " " "that" " " "token," " " "the" " " "owner" " " "must" " " "set" " " (kbd "persistent-cookie") " " "of" " " "the" " " (a (@ (href . "00001004010000")) "startup" " " "configuration") " " "to" " " (kbd "true") ".") (p "If" " " "the" " " "web" " " "browser" " " "remains" " " "inactive" " " "for" " " "a" " " "period," " " "the" " " "user" " " "will" " " "be" " " "automatically" " " "logged" " " "off," " " "because" " " "each" " " "access" " " "token" " " "has" " " "a" " " "limited" " " "lifetime." " " "The" " " "maximum" " " "length" " " "of" " " "this" " " "period" " " "is" " " "specified" " " "by" " " "the" " " (kbd "token-lifetime-html") " " "value" " " "of" " " "the" " " "startup" " " "configuration." " " "Every" " " "time" " " "a" " " "web" " " "page" " " "is" " " "displayed," " " "a" " " "fresh" " " "token" " " "is" " " "created" " " "and" " " "stored" " " "inside" " " "the" " " "cookie.") (p "If" " " "the" " " "user" " " "was" " " "authenticated" " " "via" " " "the" " " "API," " " "the" " " "access" " " "token" " " "will" " " "be" " " "returned" " " "as" " " "the" " " "content" " " "of" " " "the" " " "response." " " "Typically," " " "the" " " "lifetime" " " "of" " " "this" " " "token" " " "is" " " "more" " " "short" " " "term," " " "e.g." " " "10" " " "minutes." " " "It" " " "is" " " "specified" " " "by" " " "the" " " (kbd "token-lifetime-api") " " "value" " " "of" " " "the" " " "startup" " " "configuration." " " "If" " " "you" " " "need" " " "more" " " "time," " " "you" " " "can" " " "either" " " (a (@ (href . "00001012050200")) "re-authenticate") " " "the" " " "user" " " "or" " " "use" " " "an" " " "API" " " "call" " " "to" " " (a (@ (href . "00001012050400")) "renew" " " "the" " " "access" " " "token") ".") (p "If" " " "you" " " "remotely" " " "access" " " "your" " " "Zettelstore" " " "via" " " "HTTP" " " "(not" " " "via" " " "HTTPS," " " "which" " " "allows" " " "encrypted" " " "communication)," " " "your" " " "must" " " "set" " " "the" " " (kbd "insecure-cookie") " " "value" " " "of" " " "the" " " "startup" " " "configuration" " " "to" " " (kbd "true") "." " " "In" " " "most" " " "cases," " " "such" " " "a" " " "scenario" " " "is" " " "not" " " "recommended," " " "because" " " "user" " " "name" " " "and" " " "password" " " "will" " " "be" " " "transferred" " " "as" " " "plain" " " "text." " " "You" " " "could" " " "make" " " "use" " " "of" " " "such" " " "scenario" " " "if" " " "you" " " "know" " " "all" " " "parties" " " "that" " " "access" " " "the" " " "local" " " "network" " " "where" " " "you" " " "access" " " "the" " " "Zettelstore."))