Node-jsonwebtoken: Destroy/Delete active/valid token

Created on 17 Jan 2016  路  2Comments  路  Source: auth0/node-jsonwebtoken

I was wondering if there was a way to destroy/delete/deactivate/whatever a JWT thats been validated and currently in use.

Im moving my application over from CodeIgniter, which allows you to keep the sessions in a database, which makes it easy to terminate account sessions if needed. I was trying to get the same effect here, by destroying the users JWT token

Most helpful comment

It is not possible with JWT. You can blacklist tokens, please read these two blogposts:

https://auth0.com/blog/2014/12/02/using-json-web-tokens-as-api-keys/
https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/

All 2 comments

I want ask too!!!

It is not possible with JWT. You can blacklist tokens, please read these two blogposts:

https://auth0.com/blog/2014/12/02/using-json-web-tokens-as-api-keys/
https://auth0.com/blog/2015/03/10/blacklist-json-web-token-api-keys/

Was this page helpful?
0 / 5 - 0 ratings

Related issues

itamarwe picture itamarwe  路  3Comments

mathellsmelo picture mathellsmelo  路  3Comments

ehartford picture ehartford  路  3Comments

cope picture cope  路  4Comments

svnty picture svnty  路  3Comments