| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by mrkeen 751 days ago
	> If a short session time isnt good enough, you can use a simple key store to check for revoked tokens. It's not bad solution per se, but it does negate JWT's main value proposition, which is to not need such a store.