Define logout, clarify ID Site redirects on login/logout

stormpath / stormpath-framework-spec

Language-agnostic API specification for Stormpath Framework Integrations

12 stars 14 forks source link

Closed robertjd closed 8 years ago

robertjd commented 8 years ago

Closes #43 #25

typerandom commented 8 years ago

Looks good! :+1:

robertjd commented 8 years ago

Thanks @bretterer RE deleting the tokens.

lhazlewood commented 8 years ago

@robertjd shouldn't we have something in here about CSRF? We shouldn't allow requests to this endpoint without CSRF protection really...