473,224 Members | 1,610 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,224 software developers and data experts.

how to restrict refresh token to authorize apis other than api for refresh token

While developing for a mobile application, ther comes a requirement for refresh the JWT token. for which i had implemented login response as 1. access token and 2. refresh token.
Where access token has an expiration time of 8 hrs. and refresh token has an expiration time of 2 yrs.
If the access token is expired the api (/refresh-token) is triggered with the existing refresh token for the user.
then an access key is generated.

But there is an issue where the api other than (/refresh-token) api shouldn't be authorized using this refresh token.

Some of the apis can be protected using Permissions but apis having not Permission is still authorized using refresh token --- need to stop this

If anyone having solution please help!!
Jul 1 '22 #1
0 2155

Sign in to post your reply or Sign up for a free account.

Similar topics

1
by: Cronus | last post by:
Hi the following code the g++ (g++ (GCC) 3.3.3 (Debian 20040422)) emits the error message that pasting of :: and hello is no valid preprocessor token. The g++ 2.95.3 accepts the code. I know...
1
by: Maya | last post by:
Hello, I have three questions, and any answer might help :) 1. I have the following situation: I have application that is launched from the SYSTEM User, so it runs under this user too. That of...
6
by: Matt | last post by:
By using javascript, is it possible to disable the REFRESH functionality (F5 or refresh icon) in a browser? Please advise. Thanks!!
5
by: Andrew Chanter | last post by:
I have a situation where I am using an unbound dialog form to update data in an Access 2002 split back end / front end scenario. The data update is done via an ADO call (direct to the back end...
0
by: Sid DeLuca | last post by:
I'm modifying the WSE2 HOL sample to develop my web service. I'm able to get the client application's username token encrypted on the way out (outputTrace.webinfo), but not on receipt from the...
2
by: Frederick Gotham | last post by:
I'm going to be using an acronym a lot in this post: IINM = If I'm not mistaken Let's say we've got translation units which are going to be compiled to object files, and that these object...
0
by: FCI | last post by:
Hi My Name is Faraz and I have a problem that when my page has a server refresh it then has Ispostback value true as should be and then on client refresh i.e through F5 it is not getting false but...
0
by: copx | last post by:
Restrict keyword questions How far does the guarantee that an object is not accessed through another pointer go? I mean, all examples I have seen are simple stuff like: int f (int *restrict x,...
0
by: xoip | last post by:
I want to obtain a new "access token" based on the "refresh token" saved in database for Google API Analytics. Here is the code I wrote: GoogleCredential.Builder credentialBuilder = new...
0
by: SSFusion | last post by:
I have a coldfusion .cfm page for creating a new request where a select dropdown is placed which populates a list of users from the database, While creating a new request, the current user will...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.