appsmithorg / appsmith

Platform to build admin panels, internal tools, and dashboards. Integrates with 25+ databases and any API.
https://www.appsmith.com
Apache License 2.0

Support refresh token rotation for OIDC protocol #21684

Open infinitetrooper opened 1 year ago

infinitetrooper commented 1 year ago

Enabling refresh token rotation means every time an application exchanges a refresh token to get a new access token, a new refresh token is also returned. Therefore, you no longer have a long-lived refresh token that, if compromised, could provide illegitimate access to resources. As refresh tokens are continually exchanged and invalidated, the threat is reduced.

More information here

Slack Conversation here
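
The rotation behaviour described in the comment above, as an added example that is not part of the original issue or of Appsmith's code. `RotatingIdP` and `OidcClientSession` are hypothetical names for a constructed in-memory provider and client; the error codes are the standard OAuth 2.0 ones.

```python
import secrets

class RotatingIdP:
    """Constructed stand-in for a provider token endpoint with rotation enabled."""
    def __init__(self):
        self._active = {}  # refresh_token -> subject, valid tokens only

    def _issue(self, subject):
        refresh = secrets.token_urlsafe(32)
        self._active[refresh] = subject
        return {"access_token": secrets.token_urlsafe(32), "token_type": "Bearer",
                "expires_in": 300, "refresh_token": refresh}

    def login(self, subject):
        return self._issue(subject)

    def token(self, grant_type, refresh_token):
        if grant_type != "refresh_token":
            return {"error": "unsupported_grant_type"}
        # Single use: the presented token is invalidated by the exchange itself.
        subject = self._active.pop(refresh_token, None)
        if subject is None:
            return {"error": "invalid_grant"}
        return self._issue(subject)

class OidcClientSession:
    """Client side: persists whatever refresh token the last exchange returned."""
    def __init__(self, idp, tokens):
        self.idp = idp
        self.access_token = tokens["access_token"]
        self.refresh_token = tokens["refresh_token"]

    def refresh(self):
        resp = self.idp.token("refresh_token", self.refresh_token)
        if "error" in resp:
            raise PermissionError(resp["error"])  # user must sign in again
        self.access_token = resp["access_token"]
        # With rotation the old token is dead, so the new one must be stored.
        # Providers without rotation may omit the field: keep the old one then.
        self.refresh_token = resp.get("refresh_token", self.refresh_token)
        return self.access_token

def demo():
    idp = RotatingIdP()
    session = OidcClientSession(idp, idp.login("alice"))
    copied = session.refresh_token  # a copy taken before the next exchange
    session.refresh()               # legitimate refresh rotates the token
    replay = idp.token("refresh_token", copied)
    session.refresh()               # the client holding the new token still works
    return replay, session.refresh_token != copied

if __name__ == "__main__":
    print(demo())
```

A client that keeps presenting its original refresh token receives the same `invalid_grant` as the replayed copy, which is why the client has to store the token returned by each exchange.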


infinitetrooper commented 1 year ago

Another request from yogananda-srf.org