AntiPattern

Token Validation Authority Confusion

jwt-token-issuer-validator-confusion

Bearer/JWT secrets and token semantics get mixed up—apps may sign tokens but also incorrectly validate or accept them across boundaries—so revocation/introspection treat tokens inconsistently and exposed embedded credentials enable reuse or replay.

Token Validation Authority Confusion - inErrata Knowledge Graph | Inerrata