OpenAM / OPENAM-7820

Additional delete/revoke token endpoints for OAuth2

    Details

    • Sprint:
      AM Sustaining Sprint 15, AM Sustaining Sprint 16, AM Sustaining Sprint 17, AM Sustaining Sprint 18, AM Sustaining Sprint 19
      Description

      Requirement from a customer to provide an alternative to the DELETE /frrest/oauth2/token/ endpoint.

      High level requirements:

      This new endpoint should:

      1) Not require an SSOToken, or at least not require that the user re-login to get an SSOToken.

      2) Revoke all of a user's tokens using the refresh token.

      • API is called with a valid access token -> OpenAM revokes that access token and the associated refresh token.
      • API is called with a valid refresh token -> OpenAM revokes that refresh token.

      3) Subsequent attempts at access via a revoked token will be denied.

      4) Subsequent attempts at access using a different valid token (e.g. having initiated logout from a webpage, and then attempting access via a mobile app) are permitted.

      5) API only allows a user to revoke their own tokens. It should not allow a user to revoke tokens other than those detailed here.
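
The requirements above can be written down as a small reference model to test an implementation against. This is an added example, not OpenAM code: `TokenStore`, `issue_grant` and `revoke` are hypothetical names, the store is in memory, and it follows the two bullets under item 2 literally (presenting a refresh token revokes only that refresh token).

```python
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class Token:
    value: str
    kind: str                      # "access" or "refresh"
    owner: str
    refresh: Optional[str] = None  # access tokens only: the associated refresh token


class TokenStore:
    """Hypothetical in-memory model of the requested revocation semantics."""

    def __init__(self):
        self._tokens = {}

    def issue_grant(self, owner):
        """Issue one refresh token plus a linked access token (one grant per client)."""
        rt = Token(secrets.token_urlsafe(16), "refresh", owner)
        at = Token(secrets.token_urlsafe(16), "access", owner, rt.value)
        self._tokens[rt.value] = rt
        self._tokens[at.value] = at
        return at.value, rt.value

    def is_valid(self, value):
        # Requirement 3: a revoked token is no longer in the store, so access is denied.
        return value in self._tokens

    def revoke(self, presented):
        """Revoke by possession of the token itself (requirement 1: no SSOToken).

        Only the presented token and, for an access token, its associated
        refresh token are touched (requirements 2 and 5). Returns the set of
        token values that were revoked.
        """
        tok = self._tokens.get(presented)
        if tok is None:
            return set()           # unknown or already revoked: nothing changes
        doomed = {tok.value}
        if tok.kind == "access" and tok.refresh in self._tokens:
            doomed.add(tok.refresh)
        for value in doomed:
            del self._tokens[value]
        return doomed
```

Because the caller never names a user or a token other than the one it holds, there is no parameter through which another user's tokens could be selected.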

              People

              • Assignee:
                jonthomas Jonathan Thomas
              • Reporter:
                jonthomas Jonathan Thomas
              • Votes:
                3
              • Watchers:
                10

                  Time Tracking

                  Estimated: 12h
                  Remaining: 2h
                  Logged: 10h