Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16306

Document or allow configuration of Oauth/JWT Verification Time Skew

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 6.5.2.3
    • Fix Version/s: None
    • Component/s: oauth2
    • Environment:
      AM 6.5x
    • Support Ticket IDs:

      Description

      If you call idtokeninfo with an expired token, this will succeed for 5 minutes past the expiration time.

      We need to determine if we document this, and/or allow this to be configurable. 

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              william.hepler William Hepler
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated: