Spring Security Once JWT token is issued, locking user in spring security doesn't block the user.

Once JWT token is issued, API access is not blocked even after locking the user.But when user tries to do a login, it says your account is locked.Can anyone suggest how to handle this?

Comment From: fhanik

Please provide more information. Is the API access point on a resource server or an authorization server, what type of token validation (offline, or online by calling /introspect)

The user gets locked on the authorization server. That's the only place where access can be closed down. If you are using a resource server with offline validation, the token will remain active until it expires.

Comment From: spring-projects-issues

If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.

Comment From: spring-projects-issues

Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.