Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16306

Document or allow configuration of Oauth/JWT Verification Time Skew

    XMLWordPrintable

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 6.5.2.3
    • None
    • oauth2
    • AM 6.5x
    • Rank:
      1|i013tr:

    Description

      If you call idtokeninfo with an expired token, this will succeed for 5 minutes past the expiration time.

      We need to determine if we document this, and/or allow this to be configurable. 

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              william.hepler William Hepler
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: