Skip to content

remove refresh token requirement on RPs #104

New issue
New issue
Closed
Closed
remove refresh token requirement on RPs#104
Assignees
aaronpkdeansaxe
Labels
January 2026 InteropExpected to be completed by end of Sept. 2025 for the Jan. 2026 interop.sl1
@aaronpk

Description

@aaronpk
aaronpk
opened on Aug 12, 2025

The OIDC SL1 profile currently says that RPs "MUST support refresh tokens and their rotation". I don't think this makes much sense now that access tokens are only for OP resources. I think we should just remove this requirement.

Metadata

Metadata

Assignees

Labels

January 2026 InteropExpected to be completed by end of Sept. 2025 for the Jan. 2026 interop.sl1

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions