I implemented the Auth JWT with Identity Cookie Auth, one for the user interface and one for the REST APIs in my .NET Core 2.0 project.
Now everything works with the JWT token, where I set the expiration time to 30 minutes, the same as the cookie Identity expiration time.
I have not come across official docs for implementing update tokens for JWT. There are 1 or 2 blog posts on this topic, but they are too complex and require high maintenance.
So, I wanted to know if the concept of update tokens is applicable here or are we using the JWT access token?
While researching, this is the closest I came up with the answer https://stackoverflow.com/a/464626/
source
share