jspωiki
Token Revocation

Overview#

Token Revocation in most Token systems Token are often credentials which will therefore require some form of Credential Revocation.

OAuth 2.0#

Token Revocation for OAuth 2.0 method is OAuth 2.0 Token Revocation

https://stackoverflow.com/questions/31919067/how-can-i-revoke-a-jwt-token

Kerberos Token Revocation#

There is no Revocation model or Token Revocation in general Kerberos based on the ticket lifetimes should be short enough.

Within a specific Kerberos Realm often other methods are used for Credential Revocation (e.g., lock the _account_, which will generally replicate with less latency than Token Revocation.

More Information#

There might be more information for this subject on one of the following: