# Manage JWT Blocklist

**ID:** ADM-007
**Priority:** Medium
**Status:** Planned

## User Story
As a platform administrator, I want to view and manage the JWT blocklist so that I can revoke tokens during security incidents and verify that revocations are working.

## Acceptance Criteria
- [ ] View all blocked JWT IDs with metadata
- [ ] Search blocklist by JWT ID or user
- [ ] Manually add JWTs to blocklist
- [ ] View reason for each blocklist entry
- [ ] Blocklist entries show expiration (when they can be removed)
- [ ] Bulk revoke all tokens for a user
- [ ] Bulk revoke all tokens for an organization
- [ ] Automatic cleanup of expired blocklist entries

## Technical Notes
- JwtManager has `blockedJwtIdList` infrastructure
- `pushOrGetJwtIdBlocklist` endpoint exists
- Need admin UI for blocklist management
- ReceptionHousekeeping could handle cleanup
- Consider Redis for high-performance blocklist checks

## Related TODOs
- Enhancement to existing blocklist infrastructure