How to revoke OAuth access tokens in ADFS 3.0? -
we looking @ rolling out adfs 3.0 (server 2012 r2). i've searched high , low, doesn't seem possible revoke access and/or refresh tokens have been issued adfs 3.0. has 1 accomplished this?
i'm inclined place api in front end of adfs handle revocation , audit/logging, seems may 'hacked' solution.
some guidance much appreciated.
in general oauth2 tokens cannot revoked (ie there no signout). applicable mechanism disables refresh.... radically different ws-fed passive , saml2 browser sso.
oauth adfs
No comments:
Post a Comment