9d5c2b39fa
The response can simply omit fields that require id_token as the only required field is "active" according to RFC 7662. I think it would be nice for introspection of client credentials tokens to be supported by default without needing to override OIDC_INTROSPECTION_VALIDATE_AUDIENCE_SCOPE, but this is a start. |
||
---|---|---|
.. | ||
images | ||
sections | ||
.gitignore | ||
conf.py | ||
index.rst | ||
make.bat | ||
Makefile |