core/identity-gateway/docs/token-model.md
2025-12-27 14:20:43 -03:00

# Token Model
## Access token claims
```json
{
  "userId": "uuid",
  "tenantId": "uuid",
  "roles": ["admin"],
  "permissions": ["billing.read", "baas.write"]
}
```
- Access tokens are used by internal services only.
- TTL is short (default 15 minutes).
## Refresh tokens
- Stored hashed in the database.
- Used to issue new access tokens.
- Revoked on logout or compromise.
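
The refresh-token lifecycle described above, as an added sketch that is not the gateway's own code. It assumes SHA-256 as the hash, an in-memory dict in place of the database table, and hypothetical function names and an `exp` field that do not appear in this document.

```python
import hashlib
import secrets
import time

ACCESS_TTL_SECONDS = 15 * 60  # page default: 15 minutes
refresh_store = {}  # stand-in for the database table (assumption): hash -> record

def hash_token(token):
    # Tokens are 256-bit random values, so a fast unsalted hash suffices here
    # (unlike passwords); SHA-256 is an assumption, the page names no algorithm.
    return hashlib.sha256(token.encode()).hexdigest()

def issue_refresh_token(user_id, tenant_id):
    token = secrets.token_urlsafe(32)
    refresh_store[hash_token(token)] = {"userId": user_id, "tenantId": tenant_id, "revoked": False}
    return token  # raw value goes to the client only; the store keeps the hash

def issue_access_claims(refresh_token, roles, permissions, now=None):
    """Return access-token claims, or None if the token is unknown or revoked."""
    record = refresh_store.get(hash_token(refresh_token))
    if record is None or record["revoked"]:
        return None
    now = int(time.time()) if now is None else now
    return {
        "userId": record["userId"],
        "tenantId": record["tenantId"],
        "roles": list(roles),
        "permissions": list(permissions),
        "exp": now + ACCESS_TTL_SECONDS,  # "exp" is an added field, not on the page
    }

def revoke_on_logout(refresh_token):
    record = refresh_store.get(hash_token(refresh_token))
    if record is None:
        return False
    record["revoked"] = True
    return True

def revoke_on_compromise(user_id):
    """Revoke every refresh token of one user; returns the number revoked."""
    count = 0
    for record in refresh_store.values():
        if record["userId"] == user_id and not record["revoked"]:
            record["revoked"] = True
            count += 1
    return count
```

Because only the hash is stored, a leaked copy of the table does not yield usable refresh tokens, and lookup stays a single indexed equality match on the hash column.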