Why Refresh Token? - 2 min. OAuth #4

preview_player
Показать описание
Episode #4 explains why do we have Refresh Token in OAuth 2.0.

Subscribe to the channel to get (hopefully) Weekly video updates on "2 Minutes OAuth" and more.

Video Clips: NHK and Pixabay
  1. Nat Sakimura
  2. OAuth
  3. OAuth 2.0
  4. Refresh Token
  5. Access Token
Рекомендации по теме
Why Refresh Token? 0:02:15

Why Refresh Token? - 2 min. OAuth #4

What is a 0:04:53

What is a Refresh Token and why your REST API needs it?

What is the 0:03:19

What is the difference between Access Tokens & Refresh Tokens? OAuth 2.0 & OIDC (OpenID Conn...

What are Refresh 0:01:00

What are Refresh Tokens?! 🆔⌛

How does JWT 0:04:06

How does JWT Refresh tokens function?

JWT Refresh token 0:03:29

JWT Refresh token

OAuth 2.0 - 0:13:25

OAuth 2.0 - Refresh Token

OAuth 2. Refresh 0:08:26

OAuth 2. Refresh Token explained

Login and Signup 0:20:32

Login and Signup API using Django and Django Rest Framework | End to End JWT Authentication System

ID Tokens VS 0:08:38

ID Tokens VS Access Tokens: What's the Difference?

The difference between, 0:02:11

The difference between, ID, access, refresh, and session tokens? | One Dev Question: Hirsch Singhal

Automatically Refresh OAuth2.0 0:03:31

Automatically Refresh OAuth2.0 Access Tokens | Postman Level Up

How to Fix 0:04:02

How to Fix Invalid Grant and Expiring Refresh Token Errors for Google OAuth

Session-17 | What 0:04:58

Session-17 | What is refresh token in Apigee | How refresh token used | How to use refresh token

Google API - 0:02:52

Google API - Get Access Token and Refresh Token

Salesforce: Oauth- getting 0:03:08

Salesforce: Oauth- getting refresh token (2 Solutions!!)

Auth Refresh Tokens 0:15:45

Auth Refresh Tokens - React Tutorial 48

Why can't I 0:03:45

Why can't I use my refresh token! invalid_grant error #googleoauth #googledevelopers

Authentication in React 0:23:45

Authentication in React with JWTs, Access & Refresh Tokens (Complete Tutorial)

What are JWT 0:09:18

What are JWT Access token & Refresh token and why we need them? | Understanding JWT Tokens...

Refresh Token & 0:12:30

Refresh Token & Jwt Token

Access Token | 0:26:04

Access Token | Refresh Token | Id Token - What ? Why? When?

How to Get 0:16:35

How to Get a Google Oauth 2.0 Refresh Token - Bubble.io Tutorial

14. Generating Refresh 0:06:21

14. Generating Refresh Tokens | Node JS API Authentication

Комментарии
Автор

"It's like refreshing the access token. That's why It's called refresh token" | PRICELESS

נטעאלקקון
Автор

why don't attackers just focus on stealing the Refresh token? Won't that give them access to create new access tokens and then steal all other resources?

juanjoseramirezcalderon
Автор

Very refreshing explanation. Thank you!

dawid_dahl
Автор

Nice explained in short time. Thank You

createawareness
Автор

I was so confused. But now i think i get it.
Its only makes sense because refresh token is used only in the auth server. otherwise, there is no point of having 2 tokens.

mohamamdnazim
Автор

Please make me understand where is refresh token stored ? How does client knows that access token is expired and it should use refresh token to get a new one ?

shrikeshk
Автор

The best explanation, thank you very much.

TheTanMusic
Автор

if the resource gates are unsecure anyway, wouldn't the attacker just steal your next access token as soon as you use it? Whats the point of giving another access token

gamemusicmeltingpot
Автор

Any github repo that already implements jwt, access tokens, and refresh tokens ?

ErnestoVazquezChoby
Автор

what if the hacker got the refresh tokens instead of access token

reilwaystation
Автор

This was a very useful explanation. Just what I was looking for. But I have to admit, I snorted. Twice.

StevenErat
Автор

the before video Oauth #3 is not avaliable, @Nat Sakimura

richardsonbruno
Автор

Refresh token is useless if hacker also steal it beside access token! Hacker know this. So, they will steal both. So, why do we need still refresh token?

temanangka