Sender-Constrained Tokens (DPoP / mTLS) and Refresh Token Rotation
Sender-constrained tokens (DPoP, mTLS) that mitigate bearer-token replay, and refresh-token rotation, as protection for public clients such as mobile apps.
Designing the server-side token store for a BFF (backend for frontend): in-memory vs. Redis, TTL design, a distributed refresh lock, and fail-closed key resolution.
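As an added example (not code from either of the articles listed above), the following Python puts the two server-side pieces together: a token endpoint that rotates refresh tokens and revokes the whole token family when a rotated-out token is replayed, and a BFF token store that keeps tokens server-side under a per-session refresh lock, refreshes ahead of expiry with a skew margin, and fails closed when a session id does not resolve. The FakeAuthServer, the in-memory dicts, the settable clock, the 300 s / 3600 s TTLs and the 30 s skew are all assumptions made for this example; a Redis deployment would map the dicts to keys carrying the same TTLs and the per-session threading.Lock to a short-lived SET NX EX lock key.

```python
import hashlib
import secrets
import threading
# Constructed for this example: dicts and a settable clock stand in for Redis and
# wall-clock time, and FakeAuthServer stands in for a real OAuth token endpoint.

class InvalidToken(Exception): pass     # unknown, expired, or revoked refresh token
class ReuseDetected(Exception): pass    # a rotated-out token came back: family revoked

def digest(token):   # only hashes are stored, so a dump of the store yields no credentials
    return hashlib.sha256(token.encode("ascii")).hexdigest()

class FakeAuthServer:
    """Token endpoint stand-in: one-time refresh tokens grouped into families."""
    def __init__(self, clock, access_ttl=300, refresh_ttl=3600):
        self._clock, self._access_ttl, self._refresh_ttl = clock, access_ttl, refresh_ttl
        self._refresh = {}      # sha256(refresh token) -> [family, expires_at, used]
        self._revoked = set()   # families killed by reuse detection
        self._lock = threading.Lock()
        self.refresh_calls = 0

    def _grant(self, family):
        access, refresh = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
        self._refresh[digest(refresh)] = [family, self._clock() + self._refresh_ttl, False]
        return access, self._clock() + self._access_ttl, refresh

    def login(self):
        with self._lock:
            return self._grant(secrets.token_urlsafe(16))   # one family per login session

    def refresh(self, presented):
        with self._lock:
            self.refresh_calls += 1
            rec = self._refresh.get(digest(presented))
            if rec is None or rec[0] in self._revoked:
                raise InvalidToken("unknown or revoked refresh token")
            family, expires_at, used = rec
            if used:   # replay: attacker or victim, we cannot tell, so the whole family dies
                self._revoked.add(family)
                raise ReuseDetected(family)
            if expires_at <= self._clock():
                raise InvalidToken("refresh token expired")
            rec[2] = True   # single use from now on
            return self._grant(family)

class BffTokenStore:
    """Tokens stay server-side, keyed by an opaque session id the client carries."""
    SKEW = 30   # refresh this many seconds before the access token actually expires
    def __init__(self, auth, clock):
        self._auth, self._clock = auth, clock
        self._sessions = {}   # session id -> {"access", "access_exp", "refresh", "lock"}
        self._meta = threading.Lock()

    def create_session(self):
        access, access_exp, refresh = self._auth.login()
        sid = secrets.token_urlsafe(32)
        with self._meta:
            self._sessions[sid] = {"access": access, "access_exp": access_exp,
                                   "refresh": refresh, "lock": threading.Lock()}
        return sid

    def access_token(self, sid):
        with self._meta:
            sess = self._sessions.get(sid)
        if sess is None:   # fail closed: an unresolvable session is an error, not a default
            raise KeyError("unknown session")
        with sess["lock"]:   # N concurrent callers -> one refresh; the rest reuse its result
            if sess["access_exp"] - self.SKEW > self._clock():
                return sess["access"]
            try:
                access, access_exp, refresh = self._auth.refresh(sess["refresh"])
            except (InvalidToken, ReuseDetected):
                with self._meta:   # fail closed: drop the session, the client logs in again
                    self._sessions.pop(sid, None)
                raise
            sess.update(access=access, access_exp=access_exp, refresh=refresh)
            return access

def raises(fn, exc):
    try: fn(); return False
    except exc: return True

def demo():
    now, got = [1000.0], []   # settable clock and the tokens the concurrent burst receives
    clock = lambda: now[0]
    auth = FakeAuthServer(clock)
    store = BffTokenStore(auth, clock)
    sid = store.create_session()
    first = store.access_token(sid)
    now[0] += 290             # inside the 30 s skew window of a 300 s access token
    workers = [threading.Thread(target=lambda: got.append(store.access_token(sid))) for _ in range(8)]
    for w in workers: w.start()
    for w in workers: w.join()
    burst_refreshes = auth.refresh_calls   # captured before the replay scenario below
    _, _, r1 = auth.login()
    _, _, r2 = auth.refresh(r1)
    return {"burst_refreshes": burst_refreshes, "distinct_tokens": len(set(got)),
            "rotated": got[0] != first,
            "reuse_caught": raises(lambda: auth.refresh(r1), ReuseDetected),
            "family_revoked": raises(lambda: auth.refresh(r2), InvalidToken)}
```

`demo()` fires eight concurrent requests at a session whose access token has entered the skew window and confirms the token endpoint was called exactly once and every caller got the same new token; it then replays a rotated-out refresh token and confirms that both it and its freshly minted sibling are rejected. Sender-constrained tokens (DPoP, mTLS) are deliberately outside this block: they bind a token to a key the client proves possession of, which is orthogonal to the rotation and store logic shown here.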