DEV Community


Discussion on: OAuth Tips for the Uninitiated

antonfrattaroli profile image
Anton Frattaroli Author • Edited
  1. Yeah, sorry that's very misleading and I'll fix it. [Update: fixed]

  2. Refresh tokens stored in a database. Tracked as in their existence is persisted in a database, but I assume someone is already using that in a creepy facebook-tracking you sort of way.

  3. Can be a sliding expiration. Can be set to never expire too. Some companies want re-authentication like they want you to reset your password.

anabella profile image

Beautiful <3 Thank you again!