|
|
|
|
|
|
by ehutch79
1360 days ago
|
|
|
To clarify, what I do for sso stuff, if I get the JWT, verify it, then generate a session_id to hand back to the frontend. I'm essentially using the JWT as a replacement for username/password when it comes from a sso provider. I can then do invalidation or deny login as normal. |
|
|