OctoLintPerpetualApiKeys warns of perpetual API keys.

Recommendation

API keys can either have an expiration date, or never expire. Keys that never expire may pose a security risk as they grant anyone with the key perpetual access to the Octopus instance.

The docs recommend rotating keys every 90 days for service accounts and rotating every 10-30 days for users.

Remediation

Consider replacing perpetual keys with keys that expire.