Support my work [ Ссылка ]
One of the popular questions about JWT is how to revoke a JWT token. The thing is, you can't revoke a single token. You can build a blacklist of all the tokens you want to invalidate, but it's not the way! Just keep the lifespan on the JWT token (exp claim) short and disable the user if required.

What are JWT tokens? Modern authentication and authorization for microservices [ Ссылка ]

0:00 How to revoke a JWT token
0:43 A token blacklist concept
1:03 So, how to secure your app? Keep the lifetime of the JWT short
3:00 Key change and not-before policy
4:12 What have we learned today?
4:50 Outro

#quadmeup #jwt #programming

[ Ссылка ]

If you want to support me:
✅ Patreon [ Ссылка ]
✅ Banggood affiliate [ Ссылка ]
✅ Paypal [ Ссылка ]

▶ Discord server [ Ссылка ]
▶ My website [ Ссылка ]

свернуть