Some people like to use JWTs for access tokens or other self-... • Aaron Parecki

66°F

Tim Ysewyn @ 🇧🇪🏠 https://twitter.com/TYsewyn • Jun 6
Why should the role be in the token if you have the userinfo endpoint? Or why should there even be a (list of) role(s) in the token if it’s only a means to have access to an endpoint? 🤔

Some people like to use JWTs for access tokens or other self-encoded mechanisms. There are definitely trade-offs.

Portland, Oregon

Thu, Jun 6, 2019 12:20pm -07:00

Have you written a response to this? Let me know the URL:

Posted in /replies using monocle.p3k.io