Is there any way to expire or revoke bearer access token on logout event (before it’s expires_in time which is set in issued token) of dot net core application
Is there any way to expire or revoke bearer access token on logout event of dot net core application
Hello @nitin.neetu,
As far as I know there is no way to revoke tokens at this time, but I believe this capability is on the roadmap for this year or next.
is there a way to get an official confirmation from the auth0 team? (or are you representing auth0, @markd?).
if we are going to put this service at the core of our security, it’d be nice to know this.
answering my own question: here is a statement from an auth0 person confirming that login tokens are impossible to revoke:
Hello @markmark_kel,
I don’t work for Auth0. I’m just a customer and so not authorized to speak to Auth0’s roadmap. All I can say is keep an eye on the changelog. Auth0 is constantly rolling out new capability and I think you may find it interesting.
Mark
Thanks a lot for sharing the link to the changelog here Mark!