> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytebase.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Expiration

Every [role request](/security/database-permission/request/) and [just-in-time access](/security/database-permission/just-in-time/) request carries an **Expiration** — how long the granted access stays valid before Bytebase revokes it automatically. A **Workspace Admin** can cap that duration, and members see a reminder before a granted role expires.

## Maximum request expiration

A **Workspace Admin** can set the longest expiration any request is allowed to use, so members can't grant themselves long-lived access. Go to **Settings > General**, find **Maximum request expiration**, and set the number of days. Select **Never expires** to remove the cap.

The cap applies to every project role grant except the **Project Owner** role, and to all data access requests. A request whose expiration exceeds the maximum is rejected — the request drawer only offers durations within the cap.

<Note>
  Setting a maximum request expiration requires the `bb.settings.setWorkspaceProfile` permission — for example a **Workspace Admin**.
</Note>

## Role expiration reminder

Users assigned a project role with a limited duration will see a persistent reminder starting two days before the role expires, which remains visible until dismissed.

<img src="https://mintcdn.com/dbx/yhR4_AKNF_MEUOA1/content/docs/security/database-permission/expiration/bb-role-expiration-reminder.webp?fit=max&auto=format&n=yhR4_AKNF_MEUOA1&q=85&s=7e2227a9014c305aa1c578f4e0e13fe3" alt="Role expiration reminder shown two days before a granted role expires" width="2272" height="956" data-path="content/docs/security/database-permission/expiration/bb-role-expiration-reminder.webp" />
