oauth2-server-php Do I need to keep expired tokens in the database?

Do I need to keep expired tokens in the database?

Open ianmiddelkamp opened this issue 4 years ago • 1 comments

Hello I followed the cookbook at https://bshaffer.github.io/oauth2-server-php-docs/cookbook/ my oauth controller adds ClientCredentials GrantType and AuthorizationCode grantypes.

Do i need to keep old expired tokens in the database or can the 'oauth_access_tokens' table be cleaned out?

Apr 09 '20 16:04 ianmiddelkamp

I think you can delete expired access_token. Of course, if it's not in a critical service, you can empty the data table. BTW, refresh_token should be cleared too.

Apr 10 '20 10:04 bzp2010

oauth2-server-php oauth2-server-php copied to clipboard

Do I need to keep expired tokens in the database?

oauth2-server-php
oauth2-server-php copied to clipboard