libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Update oidc-generic.adoc

Browse source
This commit is contained in:
MANAS PATNAIK 2020-07-21 20:07:22 +05:30 committed by Bruno Oliveira da Silva
parent 08d58b57af
commit bcea5ebfbb
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
securing_apps/topics/oidc/oidc-generic.adoc
View file

@ -97,7 +97,7 @@ For more details on how to invoke on this endpoint, see https://tools.ietf.org/h
==== Validating Access Tokens
If you need to manually validate access tokens issued by {project_name} you can invoke the <<_token_introspection_endpoint,Introspection Endpoint>>.
The downside to this approach is that you have to make a network invocation to the {project_name} server. This can be slow and possibily overload the
The downside to this approach is that you have to make a network invocation to the {project_name} server. This can be slow and possibly overload the
server if you have too many validation requests going on at the same time. {project_name} issued access tokens are https://tools.ietf.org/html/rfc7519[JSON Web Tokens (JWT)] digitally signed and encoded using https://www.rfc-editor.org/rfc/rfc7515.txt[JSON Web Signature (JWS)].
Because they are encoded in this way, this allows you to locally validate access tokens using the public key of the issuing realm. You can either hard code the
realm's public key in your validation code, or lookup and cache the public key using the <<_certificate_endpoint, certificate endpoint>> with the Key ID (KID) embedded within the