I understand why one shouldn’t store the contents of the JWT token client-side but what about just storing the token expiration time?
I’m using the
auth0 authentication service in my app and I’d like to save the
tokenExpiry value to
localstorage. From a security standpoint, is this considered bad practice?