[keycloak-dev] dynamic client registration fixed registration access tokens
sthorger at redhat.com
Wed Jan 4 07:17:13 EST 2017
For health checks do a get which doesn't change the registration access
token. Only updates do.
It's not possible to currently keep the registration access token, but we
should be able to add an option to do so. Supporting last two registration
access tokens might be a good compromise as that would allow retrying the
previous one in the event of a failure, but still allow detecting if the
token is leaked.
On 4 January 2017 at 13:03, Sven Thoms <sven.thoms at gmail.com> wrote:
> For client registration health checks and subsequent request resiliency
> (what if answer with registration access token does not arrive), is it
> possible to keep the registration access token permanent and unchanging,
> once client is registered ?
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
More information about the keycloak-dev