[keycloak-dev] Remove admin-url for bearer-only applications

Bill Burke bburke at redhat.com
Fri Sep 12 08:51:44 EDT 2014


Negative.  Bearer-only applications can receive revocation policies. 
i.e. "don't accept tokens before this date".  In the future we may want 
to push things like allowed CORS origins, IP blacklists, user 
blacklists, etc.  There's also stats we may want to gather from the 
applications.

On 9/12/2014 5:25 AM, Stian Thorgersen wrote:
> I propose we remove the "Admin URL" field for bearer-only applications. As a bearer-only application doesn't manage any user sessions there's not much point in propagating logouts to those.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the keycloak-dev mailing list