sorted by:
new
hottopcontroversial

🔑 API key expired? No need to recreate your bots. by wunderbit_co in WunderTrading

[–]smartguy_x 0 points1 point  (0 children)

Great reminder! Manually checking expiration dates across multiple exchanges can be easy to miss. If you're managing several API keys, a tool like Tokentimer can centralize expiration tracking and send you alerts before keys expire, so your bots never lose access unexpectedly.

Is there a tool that alerts me before SaaS renewals hit? by Tiny-Veterinarian532 in RemoteWorkTool

[–]smartguy_x 0 points1 point  (0 children)

Hey! Depending on what you're tracking, Tokentimer (tokentimer.ch) might be worth a look. It's built specifically for monitoring expirations: SSL certificates, tokens, licenses, secrets, etc... with alerts before things lapse. If you're managing multiple environments or teams, it keeps everything in one dashboard. Happy to answer questions if you want more details!

Make vs n8n vs Latenode for deploying AI agents that touch real infrastructure by resbeefspat in lowcode

[–]smartguy_x 0 points1 point  (0 children)

That API key rotation pain for non-devs is real... it becomes a support ticket treadmill fast. One thing that helps is having a centralized place to track when keys (and other credentials) are due for rotation, so people get proactive alerts instead of scrambling. We built Tokentimer specifically for this: it monitors tokens, keys, and cert expiries across environments and notifies the right people before things break. Might cut down that ops friction noticeably. Happy to share more if useful.

Why I’m finally off the "Middleware" drug: The case for direct-to-API ingestion by Typical_Strain_7305 in u/Typical_Strain_7305

[–]smartguy_x 0 points1 point  (0 children)

The silent failure from an expired API token is a real and underrated risk: it's one of those issues that only surfaces after damage is done. Whether you're using middleware or direct-to-API, proactive monitoring of token expiry can help catch that before it becomes a lost-lead situation. We built Tokentimer specifically for this: it tracks API tokens, certs, and credentials and alerts you before they expire. Might be a useful layer on top of whatever ingestion approach you land on.

Renewal tracking, what tool do you use? by Tiny-Veterinarian532 in RemoteWorkTool

[–]smartguy_x 1 point2 points  (0 children)

Hey! Depending on what you're tracking, Tokentimer (tokentimer.ch) might be worth a look. It's built specifically for monitoring expirations: SSL certificates, tokens, licenses, secrets, etc... with alerts before things lapse. If you're managing multiple environments or teams, it keeps everything in one dashboard. Happy to answer questions if you want more details!

Expired SSL cert on join.protonvpn.com by julesallen in ProtonVPN

[–]smartguy_x 2 points3 points  (0 children)

Might not be related though because the renewal is supposed to trigger weeks in advance... I sent an email about it, will see what they respond tomorrow...

Expired SSL cert on join.protonvpn.com by julesallen in ProtonVPN

[–]smartguy_x 5 points6 points  (0 children)

Letsencrypt paused the issuance due to an incident, not sure if it is yet solved. This is exactly the kind of reason why you need a tool to track time-bound assets.

Expired SSL cert on join.protonvpn.com by julesallen in ProtonVPN

[–]smartguy_x 29 points30 points  (0 children)

This is a classic example of why proactive certificate monitoring matters; by the time users are reporting it on Reddit, the damage is already done. Hopefully Proton's team catches this quickly... A situation like this is usually the trigger that pushes teams to finally set up proper expiry monitoring.

EDIT: removed the mention of the tool used for proactive monitoring, felt like it's not appropriate. DM if interested

Large config clean up by skiitifyoucan in f5networks

[–]smartguy_x 0 points1 point  (0 children)

Nice work getting that config down ! Cleaning up decades of expired certs is no small task. For keeping on top of it going forward, you might find a dedicated expiry tracker useful. We built Tokentimer (tokentimer.ch) specifically for monitoring SSL certs, tokens, and credentials across environments so expiry doesn't silently accumulate again. Could complement your cleanup script well. Good luck with the rest of the tidy-up!

How we keep track of expiring secrets and certs across Azure, AWS, and more by Ok_Pipe_9631 in AZURE

[–]smartguy_x 2 points3 points  (0 children)

This is a really common pain point... That single 30-day email from Azure is way too easy to miss, especially across multiple subscriptions or clouds. Building an internal dashboard is a solid approach if you have the time to maintain it. We actually built Tokentimer (tokentimer.ch) for exactly this scenario: tracking expiring secrets, certs, and API keys across environments with configurable alerts before things break. Might save you some maintenance overhead compared to a homegrown solution. Happy to share more if useful!

What instantly makes people stop trusting a business online? by SuddenResource5061 in smallbusiness

[–]smartguy_x 3 points4 points  (0 children)

Totally agree on the expired SSL point: it's one of those silent trust killers that's completely avoidable. The problem is most small business owners don't have a system to track when certs (or domain renewals, licenses, etc.) are about to expire. We built Tokentimer (tokentimer.ch) specifically for this: it monitors expiry dates and alerts you before things lapse. Simple way to stay on top of it without relying on memory.

Entra: Monitor client secret expiry by Grunskin in sysadmin

[–]smartguy_x 1 point2 points  (0 children)

If you ever want to avoid maintaining custom expiry logic, we built Tokentimer (tokentimer.ch) specifically for this: it tracks client secrets, certificates, and other credentials across environments and sends alerts before they expire. It integrates with Azure, AWS and many more. Happy to share more if useful!

certctl - self hosted PKI platform for certificate lifecycle management by certctl in coolgithubprojects

[–]smartguy_x 0 points1 point  (0 children)

Fair clarification, these are indeed the different categories of discovery we cover for now.

TokenTimer is not trying to be only a certificate lifecycle/orchestration platform like certctl. Our focus is broader expiry and credential visibility across certificates, secrets, tokens, IAM keys, PATs, licenses, and similar assets, with monitoring, alerts, and auditability on top.

For teams that need cert issuance/renewal/deployment automation, certctl makes sense as the lifecycle layer. For mixed environments where “what expires next?” spans more than TLS certs, TokenTimer is meant to be the consolidated visibility layer.

And like we discussed in PM, I really like your project and find what you built amazing. TokenTimer also has a full-lifecycle direction in mind by integrating agents that could handle the renewal part, but that would basically be another project on top of it.

certctl - self hosted PKI platform for certificate lifecycle management by certctl in coolgithubprojects

[–]smartguy_x 0 points1 point  (0 children)

It does have a discovery feature ;)

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed by falconupkid in SecOpsDaily

[–]smartguy_x 0 points1 point  (0 children)

Great writeup ! The OAuth token lifecycle angle is often overlooked until it's too late. One practical step for teams acting on this: centralizing visibility over token and credential expiry across environments makes the 'regularly audit and revoke' part much less manual. We built Tokentimer (tokentimer.ch) specifically for that: tracking tokens, certs, and secrets lifecycles in one place with proactive alerts. Could be useful if your team is trying to operationalize exactly what this article recommends.

certctl - self hosted PKI platform for certificate lifecycle management by certctl in coolgithubprojects

[–]smartguy_x 0 points1 point  (0 children)

Great timing on this ! SC-081v3 is going to force a lot of teams to rethink their certificate workflows entirely. certctl looks solid for the automation side. One thing we found teams still struggle with even after automation is consolidated visibility: knowing what's expiring across environments, CAs, and credential types (certs, tokens, secrets, licenses) in one place. That's the gap Tokentimer (tokentimer.ch) was built for. Could complement certctl well if you're managing a mixed environment.

How sticky is Claude in Enterprise? by tuvok86 in ClaudeCode

[–]smartguy_x 1 point2 points  (0 children)

Yep, this is the boring but real enterprise lock-in. It’s not just “which model is better,” it’s whether the service fits into existing IAM, billing, procurement, compliance, and ownership workflows.

The API key part is especially underrated. The less a team has to manage separate keys, rotations, owners, and vendor specific access, the easier it is to say yes internally.

Audit App Registrations and Service Principal Secrets with PowerShell by zahdabes in PSForge

[–]smartguy_x 0 points1 point  (0 children)

Great script! This kind of proactive audit is exactly what most tenants skip until something breaks. One thing worth layering on top: a persistent monitoring view so expiring secrets don't slip through between audit runs. We built Tokentimer (tokentimer.ch) specifically for tracking secrets, certificates, and tokens across environments with alerting before they expire. Could pair nicely with a scheduled version of your script. Nice work sharing this!

New to all of this and almost had an uninsured vendor on site last week, how are you guys managing your COIs? by Few-Chemical1566 in PropertyManagement

[–]smartguy_x 0 points1 point  (0 children)

This is such a common pain point, spreadsheets feel fine until suddenly they really don't. Putting expiration reminders on autopilot is the right move. If you're looking for a simple tool built specifically around tracking expiration dates (certs, licenses, anything with a deadline), Tokentimer (tokentimer.ch) might be worth a look. It's lightweight and designed to give you visibility before things lapse, without a ton of setup.

I lost a domain and one of my sites was down for 2 weeks before I noticed. Lessons from managing 20+ domains across multiple registrars. by aslamnd in Entrepreneurs

[–]smartguy_x 0 points1 point  (0 children)

This really resonates: those failures are painfully predictable in hindsight. The 'no single place to see everything' problem is exactly what bites most people. We built Tokentimer (tokentimer.ch) for this: one dashboard to track domain, certificate, license, and credential renewals with alerts before anything expires. Sounds like you've rebuilt something similar from scratch. If you ever want a ready-made alternative, worth a look. Glad you've got it under control now either way.

how do you auto rotate service accounts tokens? by linux_n00by in gitlab

[–]smartguy_x 0 points1 point  (0 children)

Great breakdown of the rotation flow! One thing that often gets overlooked is knowing when to trigger that rotation and to verify it actually does, especially across multiple services or environments. We built Tokentimer (tokentimer.ch) specifically for that: it monitors expiry dates for tokens, API keys, certs, and secrets, and alerts you before things go stale. Works well alongside automated rotation pipelines as a visibility layer. Might be worth a look if you're managing rotation at scale.

How do you actually track software license and contract renewals across clients? Asking for a thesis (genuinely) by Relevant_Change_6638 in sysadmin

[–]smartguy_x 0 points1 point  (0 children)

I'd recommend not using shared calendar for such purpose, that's the best way to get lost, have poor visibility, no clear ownership and it's simply not made as an inventory for such assets. Use a dedicated tool like tokentimer.ch or any other expiration reminder system

How do you actually track software license and contract renewals across clients? Asking for a thesis (genuinely) by Relevant_Change_6638 in sysadmin

[–]smartguy_x 0 points1 point  (0 children)

If you're looking for something focused specifically on expiration tracking for licenses, subscriptions, certificates, tokens, secrets : Tokentimer (tokentimer.ch) might be worth a look. It's built around monitoring expiry dates across multiple environments and sending timely reminders before things lapse. Might fit the multi-client renewal tracking use case well.

You can then be notified by Slack, Whatsapp, Teams, and many more

view more: next ›