2025-06-08 UTC
#
Zegnat Many will store the token in a database so they can ensure one time use. (Of course if you only store the token, database can mean just a file.) Alternatively state-less solutions exist where the auth code is something like a JWT. That way if someone contacts your server with the token, you can validate it with a signature check instead and your server can be stateless
