aarc-community / architecture-guidelines

3 stars 0 forks source link

Token types to give recommendations for in G081 #35

Open marcvs opened 1 month ago

marcvs commented 1 month ago

This issue was created with the document version "v1"

Right now we are giving recommendations on these tokens:

Please comment on this issue to suggest adding or removing tokens.

msalle commented 1 month ago

You have OAuth Refresh Tokens twice?

marcvs commented 1 month ago

You have OAuth Refresh Tokens twice?

Fixed (I had rotated and non-rotated ones)

marcvs commented 1 month ago

Meeting Oct 31:

Token protection tokens go into a different document

marcvs commented 3 weeks ago

Remaining question: Do we mention "Token protection Tokens" (i.e. Vault + Mytoken) in the doc or not?

vardizzo-lab commented 2 weeks ago

I would like to propose to insert in the document a very brief description of the OAuth2 token types (subject of the document as specified in the introduction chapter) before or within the chapter "2 Token properties" something very synthetic similar to the one proposed below:

Access Token

Refresh Token