Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-312

OIDC - add support for logout and token revocation

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • None
    • 2.1 ER2, SaaS
    • Gateway
    • None

    Description

      Even though it may have a performance impact, or add complexity to the solution, in certain high security environments it is desired to support logout and token revocation for JWTs issued in OIDC flow.

      Note: general best practice is to avoid revocation and instead rely on short-lived tokens and refresh tokens.

      Attachments

        Activity

          People

            pstanko@redhat.com Peter Stanko (Inactive)
            mcheshir@redhat.com Mark Cheshire (Inactive)
            Peter Stanko Peter Stanko (Inactive)
            Votes:
            2 Vote for this issue
            Watchers:
            10 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: