How to revoke a JWT token | The JWT lifetime, blacklist and not-before policy

Channel:
PS After Hours
Subscribers:
4,920
Published on ● Video Link: https://www.youtube.com/watch?v=jzB4TfmOZyw


Category:
Tutorial
Duration: 5:17
3,803 views
68

Support my work https://www.patreon.com/pawelspychalski
One of the popular questions about JWT is how to revoke a JWT token. The thing is, you can't revoke a single token. You can build a blacklist of all the tokens you want to invalidate, but it's not the way! Just keep the lifespan on the JWT token (exp claim) short and disable the user if required.

What are JWT tokens? Modern authentication and authorization for microservices https://youtu.be/9nBu5qtVxMM

0:00 How to revoke a JWT token
0:43 A token blacklist concept
1:03 So, how to secure your app? Keep the lifetime of the JWT short
3:00 Key change and not-before policy
4:12 What have we learned today?
4:50 Outro

#quadmeup #jwt #programming

https://www.keycloak.org/docs/latest/server_admin/index.html#compromised-access-and-refresh-tokens

If you want to support me:
✅ Patreon https://www.patreon.com/pawelspychalski
✅ Banggood affiliate http://bit.ly/2P8oAxr
✅ Paypal https://paypal.me/pawelspychalski

▶ Discord server https://quadmeup.com/discord
▶ My website https://quadmeup.com/



Other Videos By PS After Hours


2022-12-09Lightweight 3D Printing - eSun ePLA-LW
2022-11-05Why Elon Musk bought Twitter and why people will be fired?
2022-09-27How STM32 Alternate Functions work
2022-09-13How to exit VIM? 4 simple ways
2022-08-30Difference between authentication and authorization
2022-08-13What's the BEST open source license for your project?
2022-07-26How to verify a JWT token in JavaScript and Node.js?
2022-07-19A$$holes versus Open Source software
2022-06-23JWT claims explained: registered, public and private
2022-06-09JWT best practices for max security
2022-05-30How to revoke a JWT token | The JWT lifetime, blacklist and not-before policy
2022-05-02How to generate JWT token in Java | JWT, RSA256 and Auth0
2022-04-26reMarkable 2 Review | The final one!
2022-04-19How to verify a JWT token in Java | JWT, Keycloak, RSA256 and Auth0
2022-04-05What is JWT? The JSON Web Token introduction
2022-03-22The oscilloscope usage example | Rigol DS1054Z basics
2022-03-16What is a NFT and how it works?
2022-03-01Never crack the ESP32 OLED again
2022-02-17Crypto Miners hacked my AWS account and I lost $500
2022-02-08GPS locator with Arduino and LoRa | part 2
2022-02-04a little stream engine #shorts


Tags:
jwt authentication
json web token
jwt token
jwt auth
access tokens
jwt tutorial
json web tokens
json web token authentication
json web token tutorial
json web token explained