You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If an ID Token is returned as a result of a token refresh request, if the ID Token contains an auth_time Claim, its value MUST represent the time of the original authentication - not the time that the new ID token is issued.
This claim is optional but REQUIRED if the max_age parameter is specified or it the auth_time is part of the claims request. We decided to always provide this claim during the Financial-grand API conformance implementation since this claim was return by default in some cases.
The text was updated successfully, but these errors were encountered:
If an ID Token is returned as a result of a token refresh request, if the ID Token contains an auth_time Claim, its value MUST represent the time of the original authentication - not the time that the new ID token is issued.
https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse
According to OIDC specification (https://openid.net/specs/openid-connect-core-1_0.html#IDToken),
This claim is optional but REQUIRED if the max_age parameter is specified or it the auth_time is part of the claims request. We decided to always provide this claim during the Financial-grand API conformance implementation since this claim was return by default in some cases.
The text was updated successfully, but these errors were encountered: