in our app we need to invalidate all tokens (access, refresh) issued by the node-oidc-provider. From our investigation there is no endpoint exposed by the node-oidc-provider.
As we have access directly to MongoDB where tokens are stored in collections access_token and refresh_token I would like to ask if it is save to e.g. set expiresAt field to now() and let MongoDB to remove those tokens because they are old. I'm not sure if it is enough or we have to expire something else stored in DB to keep data consistent.
Also I didn't find any suggested way in OAuth spec.
There is only some short advice from OKTA: https://www.oauth.com/oauth2-servers/listing-authorizations/revoking-access/
How to invalidate all tokens issued by the node-oidc-provider
44 Views Asked by dherbolt At
0
There are 0 best solutions below
Related Questions in OAUTH-2.0
- discord.py - Oauth2 - join user to guild
- Implementing Incremental consent when using both application and delegated permissions
- Verifying Google Identity OAuth2 token with Ruby
- spring security error Caused by: org.attoparser.ParseException: Exception evaluating SpringEL expression: s
- Encountering HttpError 403 and 500 When Using Google Sheets API with Service Account
- get refresh token in axios interceptor
- spring error exception with oauth2 and securityconfig
- What oauth 2.0 endpoint is used to validate a bearer token
- Not enough permissions to access API request https://api.linkedin.com/v2/me
- How to specify the client ID and redirect URI in Swagger OAuth2.0 configuration for Swagger UI?
- OAuth2 PHP change invalid_token response
- Call Databricks API from an ASP.NET Core web application
- Secure to share Access Token over public API using CORs?
- How to use Oauth in order to log‑in on .googleapis.com on almost any arbitrary endpoints domains from the web browser?
- OAuth access token attribute based reverse proxying of http ressources
Related Questions in NODE-OIDC-PROVIDER
- node-oidc-provider /token method failing with 500 all the time
- node-oidc-provider JWT token introspection always returning active: false
- Is there a lightweight way to customize the devInteractions views without fully setting up a server?
- Angular SPA which is used as Frontend for my custom OIDC provider is not sending session cookie to my backend /signin API
- How to invalidate all tokens issued by the node-oidc-provider
- oidc-provider - How to delete cookies generated at interaction login using oidc-provider
- Configure node-oidc-provider together with Alexa skills OAuth2 login
- Creating anonymmous session using OpenID Connect Auth Server
- How can I handle 'Session Trampling' error while authenticating multiple sessions in the same browser with node-oidc-provider?
- How to validate request body before the client registration in node-oidc-provider?
- node-oidc-provider missing offline_access scope
- Using node-oidc-provider as a auth server, how to add azure ad as a client?
- Node-oidc-provider, how i can add another property in JWT access token?
- How to log out a user without revoking grants in node-oidc-provider
- Node-oidc-provider, how i can validate my acess token which already in jwt token
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?