Mid ASP.NET Core

Token expiration, token revocation?

  • JWTs typically expire in 5–30 minutes.
  • Expired tokens cannot be used.
  • Revocation requires token blacklisting (e.g., database of revoked tokens).

✅ Configure expiration:

Expires = DateTime.UtcNow.AddMinutes(30)

✅ Use refresh tokens to handle expiration.

More from ASP.NET Core Tutorial

All questions for this course