How to revoke JWT Bearer Token in Asp.net Web API

Question

Can we make jwt bearer token as invalid

I'm voting to close this question as off-topic because a question should contain a single question. — Lajos Arpad, Jun 11 '18 at 12:11
please read on how to ask a good question, https://stackoverflow.com/help/how-to-ask — xanadev, Jun 11 '18 at 12:16
Possible duplicate of [Invalidating JSON Web Tokens](https://stackoverflow.com/questions/21978658/invalidating-json-web-tokens) — jps, Jun 11 '18 at 13:11

score 0 · Answer 1 · answered Jun 14 '18 at 07:22

0

A JWT bearer token is supposed to be a self-contained token that includes a verifiable expiry timestamp. Typical deployments won't allow to revoke it since there's no entity that will tell you that it is revoked. If you control the "issuer" side you can change that behavior yourself but it defeats the primary reason for using JWTs.

answered Jun 14 '18 at 07:22

Hans Z.

50,496
12
102
115

what primary reason? – Konrad Aug 29 '18 at 07:32
1

That it is self-contained. – Hans Z. Aug 29 '18 at 07:37

How to revoke JWT Bearer Token in Asp.net Web API

1 Answers1