Referring to #74, this is a new type of access tokens. Maybe we should have a name for them, just like the Token Management Tokens.
At the very least, we should say that issuance of this tokens is typically out of band (or if done through an API, it remains unspecified here). And their lifecycle is out of scope.
We could also talk about introspection of these tokens.
Referring to #74, this is a new type of access tokens. Maybe we should have a name for them, just like the Token Management Tokens.
At the very least, we should say that issuance of this tokens is typically out of band (or if done through an API, it remains unspecified here). And their lifecycle is out of scope.
We could also talk about introspection of these tokens.