[keycloak-dev] Remove admin-url for bearer-only applications
Bill Burke
bburke at redhat.com
Fri Sep 12 08:51:44 EDT 2014
Negative. Bearer-only applications can receive revocation policies.
i.e. "don't accept tokens before this date". In the future we may want
to push things like allowed CORS origins, IP blacklists, user
blacklists, etc. There's also stats we may want to gather from the
applications.
On 9/12/2014 5:25 AM, Stian Thorgersen wrote:
> I propose we remove the "Admin URL" field for bearer-only applications. As a bearer-only application doesn't manage any user sessions there's not much point in propagating logouts to those.
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list