EPISODE · Jun 17, 2026 · 6 MIN

How API Token Rotation Reduces Breach Surface Area

from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo

Episode 56 of The Developer Tools Podcast examines API token rotation—why static tokens are a security liability and how automated rotation limits blast radius. Lucas and Luna break down a real-world GitHub token leak incident, explain the difference between refresh tokens and access tokens, and discuss implementation trade-offs including token lifespan vs. performance cost. They also cover current best practices like OAuth 2.0 token exchange and short-lived JWTs. The episode ends with a reflection on how small architectural habits can prevent big breaches.

Frequently Asked Questions

How long is this episode of The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers?

This episode is 6 minutes long.

When was this The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers episode published?

This episode was published on June 17, 2026.
