Y
Hacker News
new
|
ask
|
show
|
jobs
by
pier25
2315 days ago
>
Yes! If a JWT is stolen, then the thief can can keep using the JWT.
Unless you have some form of fingerprinting the client who authenticated and received the JWT.