How can I revoke a JWT token?
问题 I am using Spring Security OAuth2 and JWT tokens. My question is: How can I revoke a JWT token? As mentioned here http://projects.spring.io/spring-security-oauth/docs/oauth2.html, revocation is done by refresh token. But it does not seem to work. 回答1: In general the easiest answer would be to say that you cannot revoke a JWT token, but that's simply not true . The honest answer is that the cost of supporting JWT revocation is sufficiently big for not being worth most of the times or plainly