[Openid-specs-ab] OpenID Provider Commands - proposed WG specification
Dick Hardt
dick.hardt at gmail.com
Tue Feb 18 21:05:02 UTC 2025
the `unauthorize` command kills all the sessions
the `suspend`, `deactivate`, and `delete` command also kill all the
sessions as well as change the state of the account.
On Tue, Feb 18, 2025 at 12:40 AM Michael Schwartz via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:
> When I see "Suspend" account, I want to instantly revoke all the JWT
> tokens. But this protocol is more about house-cleaning at the RP. Looks
> good to me if RP's are convinced to implement all these methods.
>
>
> ------------------------------
> *CONFIDENTIALITY NOTICE*
> This message may contain confidential or legally privileged information.
> If you are not the intended recipient, please immediately advise the
> sender by reply e-mail that you received this message, and delete this
> e-mail from your system.
> Thank you for your cooperation
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20250218/fdcca42c/attachment.htm>
More information about the Openid-specs-ab
mailing list