notes/token_exchange_in_iroh_auth.org
This commit is contained in:
parent
a0f781c8b9
commit
9464f28a6e
1 changed files with 1 additions and 10 deletions
|
@ -160,16 +160,7 @@ could optionally return an /id_token/ as well as a /refresh_token/.
|
|||
|
||||
*** Work to be done
|
||||
|
||||
**** First working step
|
||||
|
||||
- Expose the Account selection API (work in progress)
|
||||
- Expose the Account selection API (done, but still fresh)
|
||||
- Optionally add ~subject_token~ to the account selection API, probably depending
|
||||
on some scope and/or some audience of the token making the call
|
||||
- Add support for Token Exchange RFC
|
||||
|
||||
**** Potential future steps
|
||||
|
||||
- As we provide the ability for 3rd parties to retrieve tokens for SecureX users
|
||||
we should probably add a layer of client configuration that could add more
|
||||
advanced rules to control this ability. Typically, we might want to limit
|
||||
users
|
||||
|
|
Loading…
Reference in a new issue