Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
unscaled
on March 14, 2017
|
parent
|
context
|
favorite
| on:
JSON Web Tokens should be avoided
Agreed. Revoking all user sessions instead of a specific token is the common case. The only usage I see for revoking a specific token is when the user is deactivating a specific client.
nb777
on March 15, 2017
[–]
Also when a user changes his password, no ?
Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
