Information security, sometimes shortened to InfoSec, is an integral part of an organization’s security policy. It tries to ensure that a malicious actor cannot access or modify valuable information belonging to a company. Access, refresh and ID tokens are mostly seen as security or utility entities, but they are, in fact, carriers of valuable information.

Of course, an ID token is intended to give the client information about the user.

However, user information is not the only type of token data that should be treated with caution.

Related Articles