Is there any way to expire or revoke bearer access token on logout event of dot net core application

nitin.neetu · April 10, 2023, 8:41am

Is there any way to expire or revoke bearer access token on logout event (before it’s expires_in time which is set in issued token) of dot net core application

markd · April 10, 2023, 3:47pm

Hello @nitin.neetu,

As far as I know there is no way to revoke tokens at this time, but I believe this capability is on the roadmap for this year or next.

markmark_kel · June 23, 2023, 11:20pm

is there a way to get an official confirmation from the auth0 team? (or are you representing auth0, @markd?).

if we are going to put this service at the core of our security, it’d be nice to know this.

markmark_kel · June 23, 2023, 11:30pm

answering my own question: here is a statement from an auth0 person confirming that login tokens are impossible to revoke:

markd · June 25, 2023, 7:46pm

Hello @markmark_kel,

I don’t work for Auth0. I’m just a customer and so not authorized to speak to Auth0’s roadmap. All I can say is keep an eye on the changelog. Auth0 is constantly rolling out new capability and I think you may find it interesting.

Mark

konrad.sopala · June 26, 2023, 6:57am

Thanks a lot for sharing the link to the changelog here Mark!