Uploaded image for project: 'Ansible Automation Platform RFEs'
  1. Ansible Automation Platform RFEs
  2. AAPRFE-2600

Token introspection endpoint for OAuth clients

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 2.5
    • platform-gateway
    • False
    • Hide

      None

      Show
      None
    • False

      What is the nature and description of the request?

      currently when creating an OAuth2 client the only way for an external app to validate the token it got from aap is to call /me endpoint , this does not allow the app to know if the token was generated by the OAuth2 clientId it expects

      Why does the customer need this? (List the business requirements here)

      part of RHEM integration - i assume there are other use cases

      How would you like to achieve this? (List the functional requirements here)

      add a token introspection api per https://datatracker.ietf.org/doc/html/rfc7662#section-2.2 

      List any affected known dependencies: Doc, UI etc..

      APi and docs 

              rh-ee-rreed Ron Reed
              rh-ee-abennata Asaf Ben Natan
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: