Part of the OpenID certification. Requesting ID Token with max_age=1 seconds restriction [Basic, Implicit, Hybrid] (OP-Req-max_age=1)
In the OAuth2 authorize flow, you can set a maxAge for the SSO token.
The idea is to force the user to re-authenticate if the maxAge is hit.
Note: This test is part of the OpenID certification.
- Authenticate as demo user
- Wait 1 second
- Do an authorization code grant flow with max_age=1, like:
The user needs to authenticate again.
An error login_required is sent back to the certification tool.
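
The max_age handling described above, as an added example that is not part of the original report or of any product's code: per OpenID Connect Core, the OP must re-authenticate the user when the time elapsed since authentication exceeds max_age, and it answers login_required only when the request also carries prompt=none. The function names and timestamps are constructed for illustration.

```python
import time
from typing import Optional


def op_decision(session_auth_time: Optional[int], max_age: Optional[int],
                prompt: Optional[str] = None, now: Optional[int] = None) -> str:
    """OP side (hypothetical helper): decide how to answer an authorize request.

    Returns 'issue_tokens', 'reauthenticate' or 'error:login_required'.
    """
    now = int(time.time()) if now is None else now
    prompts = set((prompt or "").split())
    stale = (
        session_auth_time is None  # no SSO session at all
        or (max_age is not None and now - session_auth_time > max_age)
    )
    if not stale:
        return "issue_tokens"
    # Only prompt=none forbids showing a login page; in that case the OP
    # must return login_required instead of interacting with the user.
    if "none" in prompts:
        return "error:login_required"
    return "reauthenticate"


def rp_accepts_id_token(claims: dict, max_age: int,
                        now: Optional[int] = None, leeway: int = 0) -> bool:
    """RP side (hypothetical helper): verify the ID Token honours max_age.

    When max_age was requested, the ID Token must carry auth_time, and the
    RP should reject the token if the authentication is older than max_age.
    """
    now = int(time.time()) if now is None else now
    auth_time = claims.get("auth_time")
    if not isinstance(auth_time, int):
        return False  # auth_time missing or malformed
    return now - auth_time <= max_age + leeway


if __name__ == "__main__":
    # Constructed timeline: login at t=998, authorize request at t=1000.
    print(op_decision(998, 1, now=1000))                 # no prompt parameter
    print(op_decision(998, 1, prompt="none", now=1000))  # prompt=none
    print(rp_accepts_id_token({"auth_time": 998}, 1, now=1000))
```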