I am using the access token string as issued by the authorization server. The token is decoded and using for Securing API. Everything works fine but even if I change the last character of token string it's validating. Why does it validate?
Asked
Active
Viewed 34 times
0
-
Maybe cause you validate it wrong. Show your code. – Yannick Mussche Oct 18 '22 at 11:51