Hi Darshana,
On Sat, Sep 28, 2019 at 8:29 PM Darshana Gunawardana
wrote:
> Hi Johann,
>
> On Sat, Sep 21, 2019 at 10:43 AM Johann Nallathamby
> wrote:
>
>> Hi Thanuja,
>>
>> Did we consider sending the access token itself as a secure, http-only
>> cookie to the browser instead of binding it to
Hi Prakhash,
On Mon, Sep 23, 2019 at 4:34 PM Prakhash Sivakumar
wrote:
> Hi Johann,
>
> On Sat, Sep 21, 2019 at 7:13 AM Johann Nallathamby
> wrote:
>
>> Hi Thanuja,
>>
>> Did we consider sending the access token itself as a secure, http-only
>> cookie to the browser instead of binding it to a s
Hi Thanuja,
On Sat, Sep 28, 2019 at 8:28 PM Darshana Gunawardana
wrote:
> Hi Johann,
>
> On Sat, Sep 21, 2019 at 10:43 AM Johann Nallathamby
> wrote:
>
>> Hi Thanuja,
>>
>> Did we consider sending the access token itself as a secure, http-only
>> cookie to the browser instead of binding it to a
Hi Johann,
On Sat, Sep 21, 2019 at 10:43 AM Johann Nallathamby wrote:
> Hi Thanuja,
>
> Did we consider sending the access token itself as a secure, http-only
> cookie to the browser instead of binding it to a separate cookie? This will
> also simplify the development on the client side, in case
Hi Johann,
On Sat, Sep 21, 2019 at 7:13 AM Johann Nallathamby wrote:
> Hi Thanuja,
>
> Did we consider sending the access token itself as a secure, http-only
> cookie to the browser instead of binding it to a separate cookie? This will
> also simplify the development on the client side, in case
Hi Thanuja,
Did we consider sending the access token itself as a secure, http-only
cookie to the browser instead of binding it to a separate cookie? This will
also simplify the development on the client side, in case someone wants to
build their own SPA.
Regards,
Johann.
On Mon, Sep 2, 2019 at 1
Update:
Table structure will be updated as follows,
IDN_OAUTH2_ACCESS_TOKEN (
TOKEN_ID VARCHAR (255),
ACCESS_TOKEN VARCHAR(2048),
REFRESH_TOKEN VARCHAR(2048),
CONSUMER_KEY_ID INTEGER,
AUTHZ_USER VARCHAR (100),
TENANT_ID INTEG
Hi Hasintha,
We are going to introduce the capability to bind the token to an external
attribute as a part of this feature. So the updated schemas will be as
follows,
IDN_OAUTH2_ACCESS_TOKEN (
TOKEN_ID VARCHAR (255),
ACCESS_TOKEN VARCHAR(2048),
REFRESH_TOKEN VA
Hi Thanuja,
I have few questions on this.
How are we going to bind the token to the cookie (Is this a new entry to a
table) ? Is this an existing cookie (may be commonAuth ID) or a new cookie
?. Furthermore, How are we going to handle the scenario where the same user
logs in from multiple browse
Hi All,
With the introduction of new IAM portal applications, there is a
requirement to provide additional security measures to secure these SPAs.
We have already implemented the OAuth2 authorization code flow(public
client) with PKCE for these applications and with this feature, it will be
possib
10 matches
Mail list logo