Articles on: Developer FAQ

Does calling `logout()` invalidate a DID token?

Calling a logout function does not invalidate a DID token. A DID token is just proof that a user was authenticated, and each DID token has an expiration of 15 minutes by default.

The only way for a once-valid DID token to be invalidated is for it to expire. That's why it's best to create short-lasting DID tokens when the user is logged in and re-generate them as needed (if needed) by your application. (see https://magic.link/docs/introduction/decentralized-id for more information on customizing DID Tokens)

Updated on: 09/12/2021

Was this article helpful?

Share your feedback

Cancel

Thank you!