I see you have JWT, but do not recommend it since ...
# support-questions-legacyb
bert2002
09/24/2022, 6:26 AMI see you have JWT, but do not recommend it since you are not following the standard (why?) and cannot revoke it. Is there any plan to implement it? I know this can be worked through with a blacklist of tokens, but it brings a risk to the developers and maintainers. Or any other recommendations on how api access can be granted?
r
rp_st
09/24/2022, 7:50 AMHey
rp_st
09/24/2022, 7:50 AMHey
rp_st
09/24/2022, 7:51 AMWe are planning on making our access tokens a JWT as well. That should be our in 1-2 months
rp_st
09/24/2022, 7:51 AMYou can use our sessions right now as well without JWT and enable token blacklisting on the core side
b
bert2002
09/24/2022, 8:23 AMyou mean I can use the sessions with e.g. curl or third party scripts?
r
rp_st
09/24/2022, 8:25 AMWell, you can, as long as attach the right cookies in the request. Basically stuff that our frontend SDK does.
b
bert2002
09/24/2022, 8:33 AMwell okay, thats not very developer friendly 😄
r
rp_st
09/24/2022, 11:09 AMYeaaaa. We are working on making it simpler. Should be out in 1-2 months