From 74c0e27d6e99a54e2abdeb45b5c01a9561401a1c Mon Sep 17 00:00:00 2001 From: Hynek Mlnarik Date: Tue, 5 Jun 2018 09:54:41 +0200 Subject: [PATCH] KEYCLOAK-7507 Update link to token exchange draft --- securing_apps/topics/token-exchange/token-exchange.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/securing_apps/topics/token-exchange/token-exchange.adoc b/securing_apps/topics/token-exchange/token-exchange.adoc index 6121cff2b4..c67e104da3 100644 --- a/securing_apps/topics/token-exchange/token-exchange.adoc +++ b/securing_apps/topics/token-exchange/token-exchange.adoc @@ -17,7 +17,7 @@ to impersonate a user. Here's a short summary of the current capabilities of {p * A client can exchange an external token for a {project_name} token. * A client can impersonate a user -Token exchange in {project_name} is a very loose implementation of the link:https://www.ietf.org/id/draft-ietf-oauth-token-exchange-13.txt[OAuth Token Exchange] specification at the IETF. +Token exchange in {project_name} is a very loose implementation of the link:https://www.ietf.org/id/draft-ietf-oauth-token-exchange-14.txt[OAuth Token Exchange] specification at the IETF. We have extended it a little, ignored some of it, and loosely interpreted other parts of the specification. It is a simple grant type invocation on a realm's OpenID Connect token endpoint. @@ -72,7 +72,7 @@ NOTE: We currently only support OpenID Connect and OAuth exchanges. Support f A successful response from an exchange invocation will return the HTTP 200 response code with a content type that depends on the `requested-token-type` and `requested_issuer` the client asks for. OAuth requested token types will return -a JSON document as described in the link:https://www.ietf.org/id/draft-ietf-oauth-token-exchange-13.txt[OAuth Token Exchange] specification. +a JSON document as described in the link:https://www.ietf.org/id/draft-ietf-oauth-token-exchange-14.txt[OAuth Token Exchange] specification. [source,json] ----