JWT best practices for max security
Рет қаралды 9,130
Күн бұрын
@PSAfterHours 2 жыл бұрын
How to revoke a JWT token: kzbin.info/www/bejne/oKulZYecorSNr9k
@jorgeromero4680 2 жыл бұрын
can you use jwt in inav?
@ShibraTai 8 ай бұрын
What if the token gets leaked....if a person has the token he/she would be able to hit the api
@imissthestacy4803 7 ай бұрын
It would indeed be stolen and used to access api but then expired, as a dev you'd better to protect from this theft rather then figuring out how to stop a stolen one, use http only cookies secure https connection
@heshiebee Жыл бұрын
Great video, very informative
@matthewrichardson8162 Жыл бұрын
Great video!
@syffs-sq6bw Жыл бұрын
sorry but either you dont know what you're talking about, or you're omitting the truth? JWT used in an authorization context is a secret, even if it doesn't contain any secret info, as they're used to perform authenticated calls! There's much more to JWT security than what you mention, starting with where they're stored for instance, or how they're generated (fingerprint?) or combined with other security measures.
Software Developer Diaries
Рет қаралды 24 М.