jjg-123
commented
3 days ago Maybe... This can easily be done with a little QDL script, so overloading the request is probably just sugar coating it.
Open jjg-123 opened 1 week ago
jjg-123
commented
3 days ago Maybe... This can easily be done with a little QDL script, so overloading the request is probably just sugar coating it.
In the client credentials flow, it is possible that the sub for the access token is different than the sub for the id token, but there is really no good way to specify this. We allow for a sub parameter in the request, and should add an at_sub parameter for access tokens. Now the AT subject has to be set by a QDL script.