Y
Hacker News
new
|
ask
|
show
|
jobs
by
seangrogg
179 days ago
Depends on the token; JWTs usually have payloads that are only base64 encoded. As well, if there's a refresh token in there it can be used to generate more tokens until invalidated (assuming invalidation is built in).