C
C#3y ago
Morridis

API Design of login and refresh JWT token endpoint questions

I'm designing Login and refresh token and I have several questions. This is what I return on any refresh token and login. 
{
    "userName": "Barocco",
    "accessToken": {
        "tokenString": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJiNTAyZTYzZC1lYTYwLTQ4MTktYTc0Ny00ZGI4YmNiY2U3YzkiLCJlbWFpbCI6ImxsQHd3IiwidW5pcXVlX25hbWUiOiJCYXJvY2NvIiwicm9sZSI6IkFkbWluIiwibmJmIjoxNjYzOTIzOTAxLCJleHAiOjE2NjM5MjM5MDYsImlhdCI6MTY2MzkyMzkwMSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS8iLCJhdWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxLyJ9.I64OFaR9xnP2VmROBnv2RBNmGdAmbBVUn9kvocUN0Sc",
        "expireAt": "2022-09-29T14:16:35.0050936Z"
    },
    "refreshToken": {
        "tokenString": "JaXYg8r6NCJPD4g3JoQuyKIK4mWV/Be+J+B+QPshPfk=",
        "expireAt": "2022-10-22T14:16:35.0050936Z"
    },
    "role": "Admin"
}
{
    "userName": "Barocco",
    "accessToken": {
        "tokenString": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJiNTAyZTYzZC1lYTYwLTQ4MTktYTc0Ny00ZGI4YmNiY2U3YzkiLCJlbWFpbCI6ImxsQHd3IiwidW5pcXVlX25hbWUiOiJCYXJvY2NvIiwicm9sZSI6IkFkbWluIiwibmJmIjoxNjYzOTIzOTAxLCJleHAiOjE2NjM5MjM5MDYsImlhdCI6MTY2MzkyMzkwMSwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS8iLCJhdWQiOiJodHRwczovL2xvY2FsaG9zdDo1MDAxLyJ9.I64OFaR9xnP2VmROBnv2RBNmGdAmbBVUn9kvocUN0Sc",
        "expireAt": "2022-09-29T14:16:35.0050936Z"
    },
    "refreshToken": {
        "tokenString": "JaXYg8r6NCJPD4g3JoQuyKIK4mWV/Be+J+B+QPshPfk=",
        "expireAt": "2022-10-22T14:16:35.0050936Z"
    },
    "role": "Admin"
}
Is it a good format to return this data? Is there any standard? Is there a good values for token and refresh token lifetime? Should I allow refreshing token if access token inspired but refresh token - not?
0 Replies
No replies yetBe the first to reply to this messageJoin
Want results from more Discord servers?
Add your server