Personally, I avoid storing tokens on my server wherever possible. If all I do is verify the token and then discard it, does it still violate these new guidelines?
In other words, do I need to start storing tokens and verifying them hourly?
Personally, I avoid storing tokens on my server wherever possible. If all I do is verify the token and then discard it, does it still violate these new guidelines?
In other words, do I need to start storing tokens and verifying them hourly?