Table of Contents
This is a minor update of Authlete 2.3. It includes the following new or enhanced features since the version 2.3.1.
N/A
If “array” is selected, the type of the aud claim of ID tokens always becomes array. If “string” is selected, the type of the aud claim of ID tokens always becomes string.
If “Enable” is selected, an ID token can be reissued in a refresh token flow.
See JavaDoc of TokenResponse class for details.
Choice of the validation schema set that is used to validate the content of ‘verified_claims’.
Authlete recognizes the following names of validation schema sets.
N/A
Support client assertion client authentication method and mTLS at /auth/revocation API.
Support JWT access tokens at /auth/token/revoke API.
Added the accessTokenDuration request parameter to the following APIs. When this request parameter holds a positive integer, it is used as the duration of the access token. In other cases, this request parameter is ignored.
/auth/authorization/issue API/auth/token API/auth/token/issue API/backchannel/authentication/complete APIAdded the locked response parameter to the following APIs. The parameter indicates whether a client is locked.
/client/get/{clientId} API/client/get/list APIAdded the claimsAtUserInfo response parameter to the following APIs. This parameter represents the claim that the client application requested to be embedded in the userinfo response.
/auth/authorization/ API