I think facebook, kube and openshift have different requirements. They can
use persistent tokens because they have complete control over their
lifetime and they are targeted to be used within their environments.
Facebook in particular acts as both AS and resource server.
On Wed, Mar 14, 2018 at 1:02 PM, Bill Burke <bburke(a)redhat.com> wrote:
On Wed, Mar 14, 2018 at 10:55 AM, Schuster Sebastian (INST/ESY1)
<Sebastian.Schuster(a)bosch-si.com> wrote:
> I always thought an offline token is a long-living refresh token...
>
> Best regards,
> Sebastian
>
Yes, that's how OIDC thinks of offline tokens and how we've
implemented it. But facebook, kubernetes, openshift have the concept
of a persistent token that can be used in bearer requests.
Bill
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev