-
### Feature Description
When refresh token invalidation is enabled and refresh token replay attack is detected, Gitea should invalidate all refresh tokens for the client following OAuth security …
-
### Preflight checklist
- [X] I could not find a solution in the existing issues, docs, nor discussions.
- [X] I agree to follow this project's [Code of Conduct](https://github.com/ory/hydra/blob/mas…
-
**Description:**
Enhance the current Refresh Token flow between OAuth Proxies to handle the scenario where a locally issued refresh token (`RT_A`) needs to be revoked if the corresponding remote Re…
-
Want to add refresh token and access token if user have to change the password, they can do it using tokens.
-
### Bug Description
Hi,
Not sure what the issue is here. We have a workflow connecting to CrowdStrike (I know!) and after about 1 hour after creating the credentials and the workflow being idle, I s…
-
When a token request with `offline_access` scope is sent with `client_credentials` workflow, it doesn't return a refresh token but it creates it and stores it in the DB. It shouldn't create the refres…
-
The blog post https://www.danvega.dev/blog/2022/09/06/spring-security-jwt, say the following when
> When you reach the point where the trade-offs for self-signed JWTs are not acceptable. An exampl…
-
This probably requires doing something like this: https://auth0.com/blog/securing-a-python-cli-application-with-auth0/
Proposed flow:
1. User runs `viv login`
2. viv CLI opens / gives the user …
-
Checklist:
* [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
* [x] I've included steps to reproduce the bug.
* [x] I've pasted the output of `argocd version`.
…
-
This issue was created with the document version "v1"
Right now we are giving recommendations on these tokens:
- Opaque Access Tokens
- JWT Access Tokens (verified online)
- JWT Access Tokens …