RevokeToken API introduced in June 2021, I have a business problem.
RevokeToken Expiration Time : 30 Days
AccessToken Expiration Time : 30 Minutes
If i logging into two devices with same user with some delay and generate AccessToken and RefreshToken, Firsly generated RefreshToken will be revoked automatically when the user logging the same credential in the second device. But the lastly generated accessToken from first refreshtoken will be in live for that 30 mins when that refresh token is invalid or revoked. How to invalidate that accessToken? please suggest a solution for it?
AWS 官方已更新 1 年前