When I first learned about token-based #authentication, I assumed using a refresh #token would issue a new access token _and_ refresh token.

My wish has come true today, with @auth0 releasing Refresh Token Rotation 🎉

https://auth0.com/blog/securing-single-page-applications-with-refresh-token-rotation/

What does this actually mean? 👇
Securing Single Page Applications with Refresh Token Rotation

How Auth0 helps you securely maintain user sessions and engagement in the era of ITP

https://auth0.com/blog/securing-single-page-applications-with-refresh-token-rotation/
Before: Single Page Apps wouldn't get a refresh token, because a compromised RT was too dangerous. To reauthenticate, an iframe was used instead, relying on third-party cookies.

However, recent browser #privacy improvements have impacted #SPA's when it comes to #OAuth.
After: #SinglePageApps can now get a single-use refresh token with a shorter expiry, and use that to reauthenticate a user or obtain a new access token.

No more third-party cookies. No more iframes.
You can follow @bendechrai.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more