You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently it is possible to invoke the refresh_token grant type with an access_token. We used password grant_type to obain an access_token and a refresh_token. Afterwards we don NOT use the refresh_token but the access_token to invoke the refresh_token grant type.
Is this behaviour intended and if so where can we probably deactivate it?
The text was updated successfully, but these errors were encountered:
Reported in support ticket: https://support.gluu.org/authentication/5635/invoke-refresh_token-grant-type-with-an-access-token/
Currently it is possible to invoke the refresh_token grant type with an access_token. We used password grant_type to obain an access_token and a refresh_token. Afterwards we don NOT use the refresh_token but the access_token to invoke the refresh_token grant type.
Is this behaviour intended and if so where can we probably deactivate it?
The text was updated successfully, but these errors were encountered: