On 21 Apr 2017 3:35 p.m., "Asela Pathberiya" <[email protected]> wrote:
Hi IS/APIM team,
Is $subject in our roadmap ?
We will add this to the roadmap.
This seems to be a required features. Different applications may need the
different user token expiry time based on their security level.
Yes, it seems the application should have this capability to do.
But what is the real use case to have this per user ?
Just heard that; IOT server may has already requirement with that; It is
needed to define a token expiry level based on their device type. Say;
some device's token may be embedded & these token may have longer expiry
time (never expired). Also; some devices type need a less expiry time
based on their security policies. It is not sure how we are handled this
with APIM feature without $subject. But; this can be easily handled, if
we can have such feature inbuilt.
Thanks,
Asela
--
Thanks & Regards,
Asela
ATL
Mobile : +94 777 625 933 <+94%2077%20762%205933>
+358 449 228 979
http://soasecurity.org/
http://xacmlinfo.org/
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
