Session JWT
Robnu's own session JWT — issued by the app, scoped to one logged-in seller.
A session JWT is the token Robnu issues to your browser when you log into the Robnu dashboard. It identifies you to the Robnu app, not to any marketplace.
Robnu's JWTs are short-lived (15-minute access, 30-day refresh on use). They're scoped per seller and per user: a JWT issued to you cannot read or write another seller's data, even if the underlying database had a permission bug.
JWTs hard-expire on logout, on suspicious access, and when the Chrome extension is uninstalled. They never persist past their TTL, even if your refresh token leaks.

