On Fri, Mar 30, 2018 at 2:47 PM, Richard Backman, Annabelle <richa...@amazon.com> wrote: > It sounds like you're asking the OP to provide client-side session management > as a service. There may be value in standardizing that, but I think it goes > beyond what Backchannel Logout is intended to do.
Sure, sort of. Though, we would have never implemented these extensions if back channel logout didn't exist as a concept and requirement. Its all in the sometimes ugly business of supporting application developers who have a variety of deployment requirements and restrictions. Bill _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
