[Openid-specs-mobile-profile] Issue #76: CIBA treatment of refresh tokens is somewhat inconsistent or unclear (openid/mobile)
Brian Campbell
issues-reply at bitbucket.org
Thu Jul 12 19:08:25 UTC 2018
New issue 76: CIBA treatment of refresh tokens is somewhat inconsistent or unclear
https://bitbucket.org/openid/mobile/issues/76/ciba-treatment-of-refresh-tokens-is
Brian Campbell:
The treatment of refresh tokens seems a bit inconsistent with some text sounding like it might imply that RT will/must always be returned. Other text is more clear that it's optional, which is is the case with other OAuth flows/grants, and how it should probably also be throughout CIBA.
More information about the Openid-specs-mobile-profile
mailing list