What is DisableOneTokenPerAPI in tyk-identity-broker profile

I cannot find any documentation on the following option for TIB:

IdentityHandlerConfig": { "DisableOneTokenPerAPI": false,

What does this do?

Hi Dave

This will ensure that if a user has logged in before, it will invalidate that token, to ensure only one token exists per identity.

Hope that helps!

Thanks James, that’s what I figured it did. Useful feature. As a follow up, is there a hook in the dashboard/gateway that fires when the token is invalidated? We’d love to push a message via websocket to the user’s other session and tell them they’ve been logged out but someone logging in from another location

Hi Dave

I think you’ll be able to use: EVENT_TokenDeleted
Let me know!


Awesome, thanks for the super fast replies!