Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Including the RFC-7662 (token introspection) #227

Open
leroy0211 opened this issue May 14, 2018 · 1 comment
Open

Including the RFC-7662 (token introspection) #227

leroy0211 opened this issue May 14, 2018 · 1 comment

Comments

@leroy0211
Copy link

leroy0211 commented May 14, 2018
edited
Loading

Adding token introspection (RFC-7662) would be great!

We are using an API gateway with oauth2 introspection, in which the API gateway will query the oauth2 server to query if a token is still valid and for what user the token will be. Then the API gateway will handle API's based on user-data but only if the introspection succeeds.

A discussion is also opened on stackoverflow
@markstos
Copy link

markstos commented Jun 7, 2018
edited
Loading

Here's a link to the RFC 7662 spec for OAuth 2.0 Token Introspection

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@markstos @leroy0211