Shibboleth IDP for OAuth2
ritterhoff.florian at hm.edu
Fri Aug 12 17:38:18 UTC 2022
That works fine so far. The only thing I stumbled over is using
refresh_tokens. Is there an option/way to create a fresh access_token
using a generated refresh_token?
At the moment the new access_token is a IDP-only token without
additional audiences (and in consequence without the previously
Am 09.08.2022 um 20:45 schrieb Cantor, Scott via users:
> On 8/9/22, 2:42 PM, "users on behalf of Florian Ritterhoff" <users-bounces at shibboleth.net on behalf of ritterhoff.florian at hm.edu> wrote:
>> Yep. Thats prop the issue. How can I configure that a resource server is
>> used/identified :) ?
> Look at the client_credentials support documentation, it covers all those features, they work the same for code grants.
> Nominaly you need to identify the resource server per the RFC for that, and then you need the right policy and configuration to allow the OP to respond.
> -- Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4816 bytes
Desc: S/MIME Cryptographic Signature
More information about the users