On a restful API. If I want to log out, say I am using a Single Page App, connected to a restful service. All I have to do (assuming the token doesn't expire) is destroy the token locally. Correct?
normally, jwt will not be saved on the server. destroying the token locally means destroying the login information.