I'm building an app in Blazor where some users are able to edit the permisssions/claims of other users.
Example scenario: Say that user Alice can edit user Bob's claims. Bob may or may not be logged into the app at this time. Regardless, for Alice's changes to take effect without Bob logging out then in again or the server restarting, Bob's claims need to be invalidated.
An acceptable solution for my specific use case would also be to invalidate all users' claims, though I can see this causing performance issues in larger solutions, so specifically targeting users would be the preferred, more generic solution.