rede5/core

Tiago Yamamoto 293ab34cec refactor identity-gateway to fastify service

2025-12-27 14:20:43 -03:00

380 B

Raw Blame History

Token Model

Access token claims

{
  "userId": "uuid",
  "tenantId": "uuid",
  "roles": ["admin"],
  "permissions": ["billing.read", "baas.write"]
}

Access tokens are used by internal services only.
TTL is short (default 15 minutes).

Refresh tokens

Stored hashed in the database.
Used to issue new access tokens.
Revoked on logout or compromise.