-
There is insufficient output from the siem.py script; No timestamps; No warning levels;
In addition, output by default contains sensitive authentication and jwt tokens - if sent to a syslog - that…
-
## In the User Registrations add a field telling if an application is active or not
### Problem
We are using the User registrations in a lambda JWT populate. In it there is an element for each reg…
z4m0 updated
3 months ago
-
**Objective**: Allow users to log out (sign out) of the application.
**Sub-Tasks**:
1. **Invalidate JWT on Sign Out**:
- Since JWTs are stateless, consider strategies for invalidating the toke…
-
Implemented this gem for JWT auth and it works like a charm, even with GraphQL.
However, using localstorage to store the Bearer token isn't very secure. Using HTTP Only Cookies seem to be a reason…
-
### Describe the bug
Currently ID tokens will be refreshed alongside code flow access tokens when ID token is nearly expired.
However if the ID token is still valid but the access token is not, then…
-
I am working on a rails/jwt integration ([sirwolfgang/jwt_keeper](https://github.com/sirwolfgang/jwt_keeper)), which I would like to integrate with sorcery.
One of the key things is that the tokens …
-
Hi there,
I am trying to setup Moon to be accessible securely by my external service. I am using service to service tokens for my services communication issued by an ADFS server.
I read in the d…
-
Is tehre any way (or best practice) how to implement this JWT for multiserver (multi app) system?
for example: I want to have auth server as a separate application. Then I have multiple servers (apps…
-
The documentation uses the default `.AddJwtBearer()` method without any options. However, the JWTs generated are signed and the signature is validated somehow. Wouldn't this require the public key t…
-
**Scenario**:
We have two JWT tokens for User1 and User2 who are associated with two different rooms.
User 1:
JwtToken : JwtTokenOfUser1
RoomId : "A"
User 2:
JwtToken : JwtTokenOfUser2
Room…