Revoking JWTs (JSON Web Tokens)

The most common solution is to reduce the duration of the JWT and revoke the refresh token so that the user can’t generate a new JWT. At any time, an administrator can revoke the refresh token which means that the user must re-authenticate to get a new JWT. And finally we configure our Webhook in FusionAuth:

We can now revoke a user’s refresh token and FusionAuth will broadcast the event to our Webhook.

Source: fusionauth.io

My Tech Blog

Tech news and links

Revoking JWTs (JSON Web Tokens)

Revoking JWTs (JSON Web Tokens)