-
Notifications
You must be signed in to change notification settings - Fork 828
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change default of refresh token format #2406
Conversation
Default should be opaque, at least the default. History about cloudfoundry/uaa-release#93 Some tests rely on JWT for refresh, therefore added for these tests again jwt.token.refresh.format=jwt
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/185625077 The labels on this github issue will be updated when the story is started. |
Need discuss deprecation timeline and notificaiton. |
Can someone help me to understand this statement? Was there some offline discussion? What deprecation are we talking about? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is my understanding this change affects the UAA API doc, config.tokenPolicy.refreshTokenFormat
at https://docs.cloudfoundry.org/api/uaa/version/76.16.0/index.html#creating-an-identity-zone for example. Do we have plan to also update the doc?
Thanks , missed that. So this PR simply changes the default but if some one wants JWT for refresh tokens, then this can be configured, now with an extra step |
Default should be opaque, at least the default.
History about
cloudfoundry/uaa-release#93
Some tests rely on JWT for refresh, therefore added for these tests again jwt.token.refresh.format=jwt