Does calling `logout()` invalidate a DID token?
Calling a logout function does not invalidate a DID token. A DID token is just proof that a user was authenticated, and each DID token has an expiration of 15 minutes by default.
The only way for a once-valid DID token to be invalidated is for it to expire. That's why it's best to create short-lasting DID tokens when the user is logged in and re-generate them as needed (if needed) by your application. (see https://magic.link/docs/introduction/decentralized-id for more information on customizing DID Tokens)
The only way for a once-valid DID token to be invalidated is for it to expire. That's why it's best to create short-lasting DID tokens when the user is logged in and re-generate them as needed (if needed) by your application. (see https://magic.link/docs/introduction/decentralized-id for more information on customizing DID Tokens)
Updated on: 09/12/2021
Thank you!