EPISODE · Jun 17, 2026 · 6 MIN
How API Token Rotation Reduces Breach Surface Area
from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo
Episode 56 of The Developer Tools Podcast examines API token rotation—why static tokens are a security liability and how automated rotation limits blast radius. Lucas and Luna break down a real-world GitHub token leak incident, explain the difference between refresh tokens and access tokens, and discuss implementation trade-offs including token lifespan vs. performance cost. They also cover current best practices like OAuth 2.0 token exchange and short-lived JWTs. The episode ends with a reflection on how small architectural habits can prevent big breaches.