mlyon-ims
commented
2 years ago Proposal: Verify in the conformance requirements that this is NOT required.
Closed mlyon-ims closed 1 year ago
mlyon-ims
commented
2 years ago Proposal: Verify in the conformance requirements that this is NOT required.
ottonomy
commented
2 years ago Including a refresh token in the initial token Grant is optional. But if the refresh token is included, it seems like we could test conformance of the refresh token endpoint if we want.
Just saying I agree with the issue and am in favor of clarifying what is and is not tested for conformance quite precisely.
Currently there are no plans to test revoke/refresh, so to resolve the issue, clarification should be added to the conformance requirements in the spec to indicate that this will not be tested.
martyr280
commented
2 years ago +1 for @mlyon-ims proposal
justinpitcher
commented
1 year ago My reaction is that testing refresh token behaviour isn't strictly necessary, as it becomes a test of another spec.
This is described in the spec document, but not mentioned in the conformance requirements.