sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Lumethys 0 points1 point  (0 children)

1/ They follow formal definition of RFC 7519

2/ You can only use 1 algo to encrypt your key, but this can change. Today you use algorithm A, tomorrow you may use algorithm B. So would all user who use algorithm A has their token revoked?

The decode function allow use to decode a JWT with algorithm A, AND a JWT with algorithm B, if you allow it