Why does JWT set 2 token??

it is found that when many people on the Internet use JWT, they will set 2 token:access_token and refresh_token,access_token to expire in 2 hours, and refresh_token to expire in 7 days. If the access_token expires, the refresh_token will not expire and a new access_token, will be generated. If the refresh_token expires, let the user log in again.

I wonder if you can just set a token to expire in 7 days. It is said that setting 2 token is more secure, but if someone can get one of your token, he will definitely get the other. Or is it necessary to set up 2 token for some special scenarios? Hope that experienced people can help to answer questions and questions!

Thank you!

Jun.22,2021

this question has seen a lot of posts, but it is really not very clear. As far as I understand it, the emergence of, refresh token is entirely in response to the scenario in which accessToken is stored on the client, and the: access token is stored on the client, which may be leaked, so the general license server gives access token a shorter expiration time. Once expired, the user will be required to log in again (for example, two hours later), which is not a good user experience at all. Then there is refresh token, which is generally stored directly on the server, and its function is to retrieve it after the access token expires, reducing the frequency of users logging back in.


refresh token if there is no client, how can the client let the server know that it once owned this refresh token?


for security reasons, refresh_token will only communicate between requesting resource party and authentication party to obtain new access_token , while access_token besides the above two servers, It will also communicate with the resource provider (resource server) to request for resources, which will inevitably increase the security risk

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1e91072-470fc.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1e91072-470fc.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?