libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Add info about consent when revoking refresh tokens (#1664)

Browse source 
Closes #1668
This commit is contained in:
Christian Köberl 2022-08-23 15:35:26 +02:00 committed by GitHub
parent 06bc4af50e
commit 28e907a3fa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
securing_apps/topics/oidc/oidc-generic.adoc
View file

@ -90,7 +90,7 @@ https://openid.net/specs/openid-connect-registration-1_0.html[OpenID Connect Dyn
/realms/{realm-name}/protocol/openid-connect/revoke
....
The token revocation endpoint is used to revoke tokens. Both refresh tokens and access tokens are supported by this endpoint.
The token revocation endpoint is used to revoke tokens. Both refresh tokens and access tokens are supported by this endpoint. When revoking a refresh token the user consent for the corresponding client is also revoked.
For more details on how to invoke on this endpoint, see https://datatracker.ietf.org/doc/html/rfc7009[OAuth 2.0 Token Revocation specification].