Closed Fedelists closed 3 years ago
Can someone help to confirm whether token validation is implemented or not? My understanding is that it is mandatory.
The library does not validate the ID token. That is something that client's typically don't need if you are using the full OAuth2 flow. However, that is something you can choose to implement on your own.
Hello team, I am new to the library and I am trying to understand if the library validates the ID Token. I do not seem to find any of the validation steps described in section 3.1.3.7. - ID Token Validation - of the specs.
Can someone help to confirm whether token validation is implemented or not? My understanding is that it is mandatory.