When you generate a registration command in global host registration, {Project} also generates a unique JSON Web Token (JWT) that is used to authorize the registration call from a host to {ProjectServer}. If needed, you can invalidate a previously issued JWT.
A JWT is bound to the user that generated the registration command.
Users can configure a custom validity duration for the JWT. If the validity duration is too long or if the JWT has been compromised, the JWT poses a security concern. To mitigate this concern, the {Project} administrator or users with adequate permissions can invalidate existing JWTs.
You can also temporarily disable registration tokens by disabling a user. When you reenable the user, the user will be able to continue using their registration tokens.