Access Token and Refresh Token

Durlov PhukonDurlov Phukon
2 min read

Table of contents

Most of the beginners is confused about many topics when they are in the coding journey. and backend development is the most interesting and sometime difficult.

when we enter into backend development some basic concept is required like basic networking, basics of operating system, basic of database etc.

In the backend development journey, it's important to know about Authentication. and when talk about authentication, here is a most important concept which is Token. and we have basically use two type of token is our authentication.

  • Access Token

  • Refresh Token

Before we know about access token and refresh token, let's quickly know disadvantages of If I not using Token's.

If we do not use Token's: -

In simple if we do not use token's then we definitely face multiple issues like: -

  • Security issues.

  • User experience disturb.

  • more load on authentication server.

  • performance impact.

So, in this reasons Token's is very useful to Increase or optimize user experience. let's go and look the details about access token and refresh token.

Access Token: -

Access token is like digital keys that grant authorized access to specific resources without revealing your actual credentials.

Imagine you install an app your mobile and register with your email and password. when you register then you have assigned a secret digital key (Access Token). and when you want to do an activity in the app then app server verify you using your secret digital key (Access Token), and when user is a valid user, then app is proceeded you to specific activity which you want.

Refresh Token: -

Imagine you login the same app after two-three days app is logout automatically because Access token is short-lived (minutes-hours). after access token expired app required your email and password to verify you. This condition is irritating for a user.

So, Refresh Token solve this situation. when you registered the app, you have assigned a Refresh token equally Access token. when access token expired then refresh token request a new access token from the server. and server verifies the refresh token and send a new access token without your credentials.

Because of the refresh token user logged in without frequent interruptions.

I think access token and refresh token is the best way to provide a user to seamless experience. as a backend developer we must be know about access token and refresh token.

0
Subscribe to my newsletter

Read articles from Durlov Phukon directly inside your inbox. Subscribe to the newsletter, and don't miss out.

backendaccess-tokenrefresh-tokenJWT token,JSON Web,Token,Token authentication,Access token,JSON token,JWT security,JWT authentication,Token-based authentication,JWT decoding,JWT implementationrefreshtokenJavaScript#JWTAuthentication #JWTtokens

Written by

Durlov Phukon
Durlov Phukon

As a beginner front-end developer, I specialize in designing and implementing responsive and engaging web applications. I have learn HTML, CSS, JavaScript Reactjs, and related technologies, and also learning Backend Development. Beyond technical skills, I'm a collaborative team player who values effective communication and creativity. I enjoy staying up to date with the latest trends and best practices in front-end development, and I'm always looking for opportunities to take on new challenges and expand my skillset. If you're looking for a front-end developer who can create modern, performant, and accessible web applications, feel free to connect with me.