I have forever sessions turned on, but sometimes when I refresh the token the response is that the token has been blacklisted, instead of getting a new token.
Is there an event other than PUT to user/session that can black list a forever token?
I don't see any clear description about this in the docs.