[keycloak-dev] Refresh Token Revoke Endpoint
gambol
gambol99 at gmail.com
Tue Apr 19 10:06:10 EDT 2016
Ok ... I found https://issues.jboss.org/browse/KEYCLOAK-2476, which
suggests POST {realm}/protocol/openid-connect/logout, though i've not tried
yet ... Is this standard? should there be a 'revocation_endpoint' in
the .well-known/openid-configuration discovery? ... I noticed the parameter
names i.e. ?token=<TOKEN> vs ?refresh_token=<TOKEN> are different than
Google, Salesforce etc (as we wanted to support other openid providers
along side keycloak)
On Tue, Apr 19, 2016 at 2:48 PM, Ariel Carrera <carreraariel at gmail.com>
wrote:
> +1
> El 19/4/2016 7:34, "gambol" <gambol99 at gmail.com> escribió:
>
>> Hiya
>>
>> I've been searching around but haven't come across anything yet. Does
>> Keycloak support a revoke endpoint? for revoking refresh tokens ... i.e. curl
>> https://accounts.google.com/o/oauth2/revoke?token={token} ..
>>
>> Rohith
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160419/bc9d9c9d/attachment-0001.html
More information about the keycloak-dev
mailing list