[keycloak-dev] OAuth2 Offline Token Introspection
Marek Posolda
mposolda at redhat.com
Tue Jun 7 02:35:11 EDT 2016
Hi,
it seems that oauth2 token introspection specs doesn't have any direct
support for OIDC offline tokens. However you can possibly create JIRA
for it. Currently it seems we consider token as valid just if there is
"online" valid userSession. In case of offlineToken, it should check
"offline" session instead.
Marek
On 06/06/16 19:12, Jorge M. wrote:
> Hi,
>
> I'm using the oauth2 token introspection feature in order to validate
> and get info about tokens, however I'm not being able to get info of
> offline_tokens. Is that possible? Or does it make sense?
>
> Thank you,
> JM
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160607/ee19f610/attachment.html
More information about the keycloak-dev
mailing list