I'm implementing the JWT in FastAPI, Which is proper way to revoke the access and refresh tokens for the Logout?
Thanks in advance
JWT is designed to be stateless, which means when a JWT is created, you can not expire it on the server side. You'll just have to wait for it to expire, or you can tell client to delete it.
If you still insist on deleting a JWT on the server side, you'll need some kind of blacklist as described in this post
You can also take a look at blacklist functionality in Django