Bypassing session using OIDC plugin
Michael Zillhart
michael.zillhart at gmail.com
Wed Oct 19 23:37:54 UTC 2022
Hi,
I have a scenario where a user is already logged in and I want to retrieve
a token for a different user without affecting the already logged in user's
session. It looks like the "password" grant type at the token endpoint
would provide the best experience although it isn't implemented.
Is there an alternative way to retrieve the different user's token without
affecting the session for the current logged in user? I tried using the
"donotcache" option during login at the authorize endpoint however it still
detected an identity switch and modified the session.
Thanks,
Michael Zillhart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20221019/bd24527a/attachment.htm>
More information about the users
mailing list