Hi, Suppose a user login via CAS (OpenID Connect and have refresh token issued [say valid for a week]), later the admin decided to suspended/terminate that account (say staff leave company), how do we cater for such situation?
Invoke the revoke endpoint (/oidc/revoke) or there is hook for that (e.g. add extra account status check during access token renewal)? thank you. -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/3078cdb6-2791-4671-8b2b-a211fc7ffadf%40apereo.org.
