Hi guys, Currently I'm using CAS and OAuth 2.0 protocol and would like to switch to OIDC. As I saw OIDC implementation is built on top of OAuth implementation. It is using the same mechanism to generate Access and Refresh token, and adds new ID token to response.
Is it possible to use ID token as Access token or will it be possible in a future version of CAS server ? I have several Rest API resource servers and all of them has to send requests to CAS server to validate Access Token. If I switch to OIDC I expected Access Token is the same as ID token so my Rest APIs can validate JWT token without sending request to CAS server. However Access Token still is meaningless text, and all have to be done the same like for OAuth 2.0 protocol. Am I wrong ? Could this be done in OIDC/ID token way or not ? Best regards, Ivan -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/25f262a4-b90c-4b5f-96ee-113b3299d247%40apereo.org.
