Shibboleth IDP for OAuth2

Florian Ritterhoff ritterhoff.florian at hm.edu
Fri Aug 12 17:38:18 UTC 2022


That works fine so far. The only thing I stumbled over is using 
refresh_tokens. Is there an option/way to create a fresh access_token 
using a generated refresh_token?

At the moment the new access_token is an IDP-only token without 
additional audiences (and in consequence without the previously 
requested claims).

Thanks.

Florian Ritterhoff

On 09.08.2022 at 20:45, Cantor, Scott via users wrote:
> On 8/9/22, 2:42 PM, "users on behalf of Florian Ritterhoff" <users-bounces at shibboleth.net on behalf of ritterhoff.florian at hm.edu> wrote:
>
>>     Yep. That's probably the issue. How can I configure that a resource server is
>> used/identified :) ?
> Look at the client_credentials support documentation, it covers all those features, they work the same for code grants.
>
> Nominally you need to identify the resource server per the RFC for that, and then you need the right policy and configuration to allow the OP to respond.
>
> -- Scott
>
>