by mooreds 1767 days ago
Note that this article has an error.

"This section could contain anything, but at minimum it needs to contain some kind of user identifier and a timeout (iat)."

The iat claim is when the token was issued, not when it expires. The exp claim is when it expires.

See also https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.4
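An added example, not part of the comment above or of the article it refers to: a minimal HS256 verifier using only the Python standard library that enforces `exp` and treats `iat` as issuance metadata only. The key, claim values and function names are constructed for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed sample secret (assumption)

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign(claims, key=KEY):
    """Build a compact HS256 JWT from the given claims."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    signing_input = f"{header}.{body}"
    return f"{signing_input}.{_b64(_mac(signing_input, key))}"

def verify(token, now, key=KEY, leeway=0):
    """Check the signature, then enforce exp (RFC 7519 section 4.1.4)."""
    try:
        header, body, sig = token.split(".")
        if not hmac.compare_digest(_mac(f"{header}.{body}", key), _unb64(sig)):
            raise ValueError("bad signature")
        if json.loads(_unb64(header)).get("alg") != "HS256":
            raise ValueError("unexpected alg")
        claims = json.loads(_unb64(body))
        if not isinstance(claims, dict):
            raise ValueError("claims must be a JSON object")
    except (ValueError, TypeError, AttributeError) as err:
        raise ValueError(f"invalid token: {err}") from None
    exp = claims.get("exp")
    # iat only records when the token was issued; without exp there is
    # no expiry to enforce, so an iat-only token is rejected here.
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        raise ValueError("missing or non-numeric exp claim")
    if now >= exp + leeway:  # the current time must be before exp
        raise ValueError("token expired")
    return claims

def accepted(token, now):
    """True if verify() accepts the token at time `now`, else False."""
    try:
        verify(token, now)
        return True
    except ValueError:
        return False
```

A correctly signed token that carries only `iat` is rejected by `verify`, because `iat` gives the verifier nothing to compare the current time against.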