yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

notes/token_exchange_in_iroh_auth.org

Browse source
This commit is contained in:
Yann Esposito (Yogsototh) 2022-06-01 11:44:13 +02:00
parent a0f781c8b9
commit 9464f28a6e
Signed by untrusted user who does not match committer: yogsototh
GPG key ID: 7B19A4C650D59646
1 changed files with 1 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
notes/token_exchange_in_iroh_auth.org
View file

@ -160,16 +160,7 @@ could optionally return an /id_token/ as well as a /refresh_token/.
*** Work to be done
**** First working step
- Expose the Account selection API (work in progress)
- Expose the Account selection API (done, but still fresh)
- Optionally add ~subject_token~ to the account selection API, probably depending
on some scope and/or some audience of the token making the call
- Add support for Token Exchange RFC
**** Potential future steps
- As we provide the ability for 3rd parties to retrieve tokens for SecureX users
we should probably add a layer of client configuration that could add more
advanced rules to control this ability. Typically, we might want to limit
users