Table of Contents
This is a minor update of Authlete 2.3. It includes the following new or enhanced features since the version 2.3.1.
N/A
If “array” is selected, the type of the aud claim of ID tokens always becomes array. If “string” is selected, the type of the aud claim of ID tokens always becomes string.
If “Enable” is selected, an ID token can be reissued in a refresh token flow.
See JavaDoc of TokenResponse class for details.
Choice of the validation schema set that is used to validate the content of ‘verified_claims’.
Authlete recognizes the following names of validation schema sets.
N/A
Support client assertion client authentication method and mTLS at /auth/revocation
API.
Support JWT access tokens at /auth/token/revoke API.
Added the accessTokenDuration
request parameter to the following APIs. When this request parameter holds a positive integer, it is used as the duration of the access token. In other cases, this request parameter is ignored.
/auth/authorization/issue
API/auth/token
API/auth/token/issue
API/backchannel/authentication/complete
APIAdded the locked
response parameter to the following APIs. The parameter indicates whether a client is locked.
/client/get/{clientId}
API/client/get/list
APIAdded the claimsAtUserInfo
response parameter to the following APIs. This parameter represents the claim that the client application requested to be embedded in the userinfo response.
/auth/authorization/
API