Comment by apitman 2 days ago OAuth2 is not inherently stateless. 2 comments apitman Reply catlifeonmars 2 days ago Good call. I said OAuth but what I meant was OIDC and specifically JWT. OAuth (not OIDC) implementations MAY use opaque access tokens that require server side state to validate. apitman 2 days ago Ah makes sense
catlifeonmars 2 days ago Good call. I said OAuth but what I meant was OIDC and specifically JWT. OAuth (not OIDC) implementations MAY use opaque access tokens that require server side state to validate. apitman 2 days ago Ah makes sense
Good call. I said OAuth but what I meant was OIDC and specifically JWT. OAuth (not OIDC) implementations MAY use opaque access tokens that require server side state to validate.
Ah makes sense