[keycloak-dev] User ids and usernames
bburke at redhat.com
Fri Feb 7 08:57:56 EST 2014
On 2/7/2014 3:20 AM, Stian Thorgersen wrote:
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Friday, 7 February, 2014 3:37:39 AM
>> Subject: Re: [keycloak-dev] User ids and usernames
>> On 2/6/2014 11:05 AM, Stian Thorgersen wrote:
>>>> Yeah, but wanting to know username, first, last, and/or email is just so
>>>> common it should be optimzied.
>>> Have you read OpenID Connect spec yet? Is there anything like that in
>> I read a little bit more...and of course... its in there :) Somebody
>> must be actually using this spec for real apps instead of just writing
>> it. ;)
>> A "Successful Token Response" contains the access token, expiration, and
>> the ID Token.
>> ID token can have a bunch of useful shit in it.
>> I claim OpenID work :) I'll do it after Alpha 2.
> Cool, it'll be nice to have it in :)
> How about refresh tokens? and implicit flow?
We have to support implicit flow? I thought that was a huge security hole?
JBoss, a division of Red Hat
More information about the keycloak-dev