• caglararli@hotmail.com
  • 05386281520

Showing prefix of token in error message?

Çağlar Arlı      -    40 Views

Showing prefix of token in error message?

In our development context we have a lot of different tokens. If a developer gets "permission denied", it is often not immediately clear which token was used.

I would like to improve the error message and show a prefix of the token.

Imagine I have a token like this:

aragq29uFDgfDdgf44SdfgfSSgfdRsgdDG45

I would like to show:

permission denied (token starts with "aragq...")

Is this a security risk?