This article explores a specific edge case that can happen when OAuth 2.0 authorization servers use rotating refresh tokens to detect refresh token theft. That’s a mouthful, so let’s explore those ideas one by one. What is OAuth 2.0? OAuth 2.0 is a framework for authorization on the web, where…
