I use Oauth2 to secure my web API. My problem is :
User "A" with account "A" login , access token "A" is granted . User "B" login with account "A" , access token "B" is granted. Then both access token "A","B" can access to my resources( same account "A" ).
How can I change this behavior so that when User "B" logs in, access token B is granted and access token "A" is expired.
Thank you.