Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Make sure token-exchange is allowed just if client is within token audience #37109

New issue
New issue
Closed
#37255
Closed
Make sure token-exchange is allowed just if client is within token audience#37109
#37255
Assignees
graziang
Labels
area/token-exchangekind/taskrelease/26.2.0team/core-clients
@mposolda

Description

@mposolda
mposolda
opened on Feb 6, 2025

Once we remove FGAP, we should at least make sure that requester client, which triggers token-exchange request, is included as an audience in the provided subject_token . Related task is #37108 for removing FGAP (Maybe makes sense to do both these tasks together?)

Metadata

Metadata

Assignees

Labels

area/token-exchangekind/taskrelease/26.2.0team/core-clients

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions