[Openid-specs-fapi] Issue #287: Document the impact of grant changes on issued tokens (openid/fapi)

Dima Postnikov issues-reply at bitbucket.org
Sat Mar 28 12:46:09 UTC 2020


New issue 287: Document the impact of grant changes on issued tokens
https://bitbucket.org/openid/fapi/issues/287/document-the-impact-of-grant-changes-on

Dima Postnikov:

Suggested by Vladimir Dzhuvinov vi the mailing list:

“Effect of grant changes via authz request or mgmt API on issued refresh and access tokens: At present the spec is not explicit on this. I think there should be clear guidance what happens to existing refresh and access tokens linked to a grant\_id when the grant changes. Including those situations when the client is public or multiple client\_id's are linked to a "client". This can be useful for AS implementers as well as client developers, so the latter know exactly what to expect about the tokens when a grant gets modified.”




More information about the Openid-specs-fapi mailing list