Say I generated an authentication token, and to save on processing and remote calls, I've set it's expiration data some 30 days in the future.
Now I want to remove this account from my system, is there a way to revoke the authentication token I have given the client?
I don't think that's possible currently, and I can certainly work around that (by not having such high expiration times mostly), but I just wanted to make sure I didn't miss something in the docs.
You can't really revoke that specific token (outside of invalidating the secret that generated the token, but that will invalidate all other tokens issued by that secret too - probably not what you want).
You can, however, rely on some information that's specific to the token (perhaps you included a unique user ID as data in the token) and update your security rules to reject any operations that match that value.