Bird
0
0

Why is it important to use different secret keys for signing access tokens and refresh tokens in NestJS?

hard📝 Conceptual Q10 of 15
NestJS - Authentication
Why is it important to use different secret keys for signing access tokens and refresh tokens in NestJS?
ATo limit the impact if one key is compromised and improve security
BTo make token verification faster
CTo allow tokens to be interchangeable
DThere is no need; one secret is enough
Step-by-Step Solution
Solution:

  1. Step 1: Understand secret key roles

    Different secrets isolate token types so compromising one does not affect the other.

  2. Step 2: Evaluate other options

    Using one secret risks both tokens if leaked; different secrets do not affect speed or interchangeability.

  3. Final Answer:

    To limit the impact if one key is compromised and improve security -> Option A

  4. Quick Check:

    Separate secrets improve token security [OK]
Quick Trick: Use separate secrets for access and refresh tokens [OK]
Common Mistakes:
  • Thinking one secret is sufficient
  • Believing different secrets speed verification
  • Assuming tokens can be swapped

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More NestJS Quizzes
Database with Prisma - Prisma setup in NestJS - Quiz 11easy Database with Prisma - Schema definition - Quiz 9hard Database with TypeORM - Query builder - Quiz 5medium Database with TypeORM - TypeORM module setup - Quiz 12easy Database with TypeORM - Query builder - Quiz 10hard Guards - Why guards control access - Quiz 4medium Middleware - Global middleware - Quiz 11easy Middleware - Global middleware - Quiz 2easy Pipes - Why pipes transform and validate input - Quiz 6medium Pipes - File validation pipe - Quiz 14medium