This repository has been archived by the owner on Jun 23, 2023. It is now read-only.
feat: granular usage_rules for tokens #121
Labels
enhancement
New feature or request
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In usage_rules ,which is set per grant, we can specify the life time of a token but also how many times a token can be used.
oidc-op/example/flask_op/config.json
Line 68 in 41d7f5e
For instance an access code (which is just another token) can only be used once.
This means that we can specify that a refresh token can only be used N times.
The counter will not increase for token_introspection requests.
For the moment usage_rules as set in the configuration is valid for the whole server. We probably want to be able to set usage_rules per client.
The text was updated successfully, but these errors were encountered: