Here is another view point, by allowing clients to specify a short lived token. What you actually allowing the client to accomplish in one task is the otherwise two step procedure of requesting a token, and subsequently expiring a token.
I can't think of an overwhelming reason, why this process needs to be simplified at this point.
Here is another view point, by allowing clients to specify a short lived token. What you actually allowing the client to accomplish in one task is the otherwise two step procedure of requesting a token, and subsequently expiring a token.
I can't think of an overwhelming reason, why this process needs to be simplified at this point.