DEV Community 👩‍💻👨‍💻

Discussion on: Dancing with OAuth: a step by step guide

Collapse
 
antonfrattaroli profile image
Anton Frattaroli

An issue I've come across working with people who aren't experts is educating about why tokens need to be short-lived, why we need to use refresh tokens, and that they need to modify their processes for locking down/terminating user accounts because authentication and authorization is now decoupled.

Collapse
 
anabella profile image
anabella Author

Hi Anton! I am definitely not an expert and would love if you could expand a bit on short lived tokens and the need for terminating accounts.

Thank you for reading!

Collapse
 
antonfrattaroli profile image