All work
- AdministrativeLogoutConfiguration for OIDC (JOIDC-235, Henri Mikkonen)
- Provide method to customise response message contents (JOIDC-211, resolved, Henri Mikkonen)
- Provide method to avoid Nimbus message parsing restrictions (JOIDC-206, resolved, Henri Mikkonen)
- Support for OAuth2 Attestation-Based Client Authentication (JOIDC-204, Henri Mikkonen)
- Support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) (JOIDC-201, resolved, Henri Mikkonen)
- Enhance metadata and unregistered client policy config options (JOIDC-196, resolved, Henri Mikkonen)
- Support additional refresh token types (JOIDC-186, resolved, Henri Mikkonen)
- Support unregistered client policies in userinfo/token/introspection/revocation (JOIDC-171, resolved, Henri Mikkonen)
- Introspection endpoint reads token from query-parameters (JOIDC-165, resolved, Henri Mikkonen)
- Support non-URI client_id values used as resource indicators (JOIDC-155, resolved, Henri Mikkonen)
- Possible race condition when validating client secret against the RP metadata (JOIDC-146, resolved, Henri Mikkonen)
- Improve token audience handling with JWT authentication (JOIDC-144, resolved, Henri Mikkonen)
- Add property for defining c14n flows for the OAuth2Client flow (JOIDC-139, resolved, Henri Mikkonen)
- Allow customization for mappedErrors of OP flows (JOIDC-133, resolved, Henri Mikkonen)
- Introspection and revocation endpoint authentication failing with private_key_jwt (JOIDC-102, resolved, Henri Mikkonen)
- Inbound and outbound interceptor flows are not wired to the OIDC flows (JOIDC-89, resolved, Henri Mikkonen)
- Introspection and revocation flows don't support SAML metadata (JOIDC-67, resolved, Henri Mikkonen)
- Mutual TLS client authentication (JOIDC-66, Henri Mikkonen)
- Support for client_credentials grant (JOIDC-11, resolved, Scott Cantor)
AdministrativeLogoutConfiguration for OIDC
Description
Environment
None
Created November 5, 2024 at 11:58 PM
Updated November 13, 2024 at 6:27 PM
Activity
Scott Cantor, November 6, 2024 at 12:09 AM
It seems like it should be pretty simple to add an option to resolve attributes against the revocation token subject and check a resolved attribute for a timestamp to apply to revoke all tokens issued prior.
Have to think about how to apply it consistently to all the places we validate tokens but apart from that it should be pretty simple to do.
I know we talked about stateless revocation a little while ago, but I don’t know if I specifically suggested this or not. I should have if I didn’t.
Feature request, could we have the AdministrativeLogoutConfiguration available in OIDC (ex: refresh token) as well?
Many thanks,
-Vivien