Yes, but to expose it in its current form, it will leak tokens that, while revoked, might not yet be identified as such by a service. There will be a window in which a revoked token will be usable, and this open a security vulnerability.
We are goint to redo the revocation in Icehouse timeframe.
Yes, but to expose it in its current form, it will leak tokens that, while revoked, might not yet be identified as such by a service. There will be a window in which a revoked token will be usable, and this open a security vulnerability.
We are goint to redo the revocation in Icehouse timeframe.