Reply To: User token

[chrisburton]

According to the comment you linked to, it’s because the token represents a user session (of sorts), not the user themselves. So, no, it’s not suitable for your purpose.

What I was linking to is to show the purpose of what the token is used for. The answer I found is that the token is used for sessions to identify the user but I don’t think that person’s issue relates to mine. I probably shouldn’t have posted the link to that comment. Might be a bit confusing.

Is there some unique (or reasonably unique) data in the response? usernames? id? email address?

In general or similar to how the token changes during each login? In general, the only truly unique data in the response that stays the same is the user ID.