Expire bearer token

Is there a way to expire bearer token (and/or refresh token) every time a new bearer token is created?

Hi @ricokta. Could you please expand upon your use case? I want to make sure I fully understand the ask.

1 Like

Thank you for catching this.
So if my user creates a token, and then create another one and then another, there will be 3 active tokens for that user. I wanted to maintain just one active (latest) token for each user.

Hi @ricokta, it is best practice to have short lived tokens and having refresh tokens implemented is an added security measure. If you have not implemented refresh tokens already I recommend doing so with with short lived access tokens - Refresh access tokens | Okta Developer.

2 Likes