mimg

↗ HN profile [ 56.6 ms ] full profile
Karma
8
Created
June 14, 2016 (10y ago)
Submissions
0
  1. From what I have read I see two approaches. You can use a per-user secret to sign a token. When the user wants to invalidate, change the per-user secret. Of course this will invalidate all issued tokens so no fine grain…