DEV Community

Discussion on: Dancing with OAuth: a step by step guide

Anton Frattaroli

An issue I've come across working with people who aren't experts is educating about why tokens need to be short-lived, why we need to use refresh tokens, and that they need to modify their processes for locking down/terminating user accounts because authentication and authorization are now decoupled.

anabella Author

Hi Anton! I am definitely not an expert and would love it if you could expand a bit on short-lived tokens and the need for terminating accounts.

Thank you for reading!
