Re: [keycloak-dev] Account management requirements for beta1

With regards to account management what additional requirements do we have for beta1? Features I can think off to add now or in the future includes: * Manage refresh tokens - view applications and clients that have refresh tokens, and the ability to invalidate specific tokens * Manage devices - view browsers and devices that have access (remember me cookie?), and the ability to invalidate specific cookies * Manage devices that can bypass totp - it seems to be quite common that it's possible to not require asking for totp again for a specific device, I assume this is done by setting a cookie, if we enable this it should be possible to view what devices have this option, as well as invalidate them * Manage applications - view all applications, be able to navigate to an application, and the ability to invalidate access to specific application * Manage clients - view all clients and what grants they have, and the ability to revoke access to specific client I think listing client grants, invalidate specific client grants, and a logout everything option would be sufficient. The logout everything option would invalidate any refresh tokens, remember me cookies, 'skip' totp cookies and do a sso-logout. _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev