Support for RFC7662 OAuth2.0 Token Introspection #706
Comments
|
To all users of this library : use https://github.com/panva/node-oidc-provider instead, highly maintained, no issue (& 684 closed), with litteraly almost all OAuth2.0 RFC implementation ! Sincerly, A developer which was suffering with this library because of lack of RFC support |
|
panva just closed his main source of informations : issues and comments .... good luck there too |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature request to support RFC7662 OAuth2.0 Token Introspection endpoint
https://datatracker.ietf.org/doc/html/rfc7662
When an OAuth 2.0 client makes a request to the resource server, the resource server needs some way to verify the access token. The OAuth 2.0 core spec doesn’t define a specific method of how the resource server should verify access tokens, just mentions that it requires coordination between the resource and authorization servers. In some cases, especially with small services, both endpoints are part of the same system, and can share token information internally such as in a database. In larger systems where the two endpoints are on different servers, this has led to proprietary and non-standard protocols for communicating between the two servers.The text was updated successfully, but these errors were encountered: