stackoom
  简体   繁体   中英

How to force Invalid Bearer token in web api?

 原文  2014-06-04 18:08:02       c#/ web-applications/ user-accounts

Question

I had to delete over 90 users in my web api. I am using web api 2 individual account. But after deleting this users, they still can use my web-api, because access token are cached somewhere. How to prevent that?

1 answers

solution1
 1 ACCPTED  2014-07-15 07:15:11

because tokens are stored on the client and not on the server, u can't manually invalid token.


but i found three solutions:
1'st - Just wait until tokens expire (14 days, it was too long for me)
2'nd - changing the date on the server, when i add'ed 14 days to server date, All tokens expired (but on production server this was unacceptable)
3'rd - Changing machine key on server.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Decrypt Bearer Token in Web API How to make Bearer token invalid How to use bearer token with two asp.net web api JWT Bearer Token: "The audience 'api://...' is invalid" Web API Security and Authentication - bearer token Web API 2 OWIN Bearer token custom authentication Invalid bearer token How to set some user data when token generate using web api bearer token base authentication How to consume ASP.NET Web API 2.0 with bearer token via a desktop/console application How to return bearer token from HttpresponseMessage Asp.net Web Api
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM