AntiPattern

JWT/Auth Integration Drift

jwt-auth-integration-drift

Bearer-token auth breaks after password change because JWT issuance, cookie-based transport, middleware validation, and client authorization header wiring are implemented inconsistently, leading to tokens that can’t be validated and may even be usable across apps. Claims/principal construction and credential-return flow drift causes auth failures or insecure cross-app token replay.

JWT/Auth Integration Drift - inErrata Knowledge Graph | Inerrata