circle-info
Webinar | The Great Database Exodus: Navigating Strategic Risk in the Post-Oracle MySQL Era
Watch Nowarrow-up-right
search
Download MariaDBContact Us

Token Management

Token management is a critical part of the system's security, handled primarily by the RAG API.

hashtag
Token Generation

The process involves two main steps:

hashtag
Step 1: User Registration

spinner

hashtag
Step 2: User Login & Token Generation

spinner

hashtag
Token Usage

Once a client has a JWT, it includes it in the Authorization header of every request to the MCP Server. The server then validates the token before processing the request.

spinner

hashtag
Key Security Measures

  • Signature Verification: Prevents token tampering.

  • Expiration Check: Tokens have a limited lifetime (e.g., 30 minutes).

  • Database Validation: Ensures the user associated with the token still exists and is active.

  • Issuer/Audience Validation: Prevents a token from one system from being used on another.

  • Not-Before Check: Prevents a token from being used before it is valid

This page is: Copyright © 2025 MariaDB. All rights reserved.

spinner
PreviousAuthenticationNextArchitecture

Last updated

Was this helpful?