My WSO2 Identity Server issues a JWT, and on my .net core backend, i would like to reach out to Identity Server check the token (perhaps it was revoked for example)...
How do I do that?
Start by checking why you would do that. ANY sensible scenario for this WILL HAVE to involve caching. Which is what a token is.
What we do is this: * You get 2 tokens, an accesToken and a refresh token. * The access token is accepted on the backend without questions. It is valid 5 minutes. * The refresh token is doing a full account check. Revoked? no new access token for you.
Doing exactly the same thing without checking ;)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.