Forum Discussion
Introspection endpoint for Azure Active Directory
Hi, There are instances where a user logs off/out but the access token associated with the user on the client does not expire (based on the access token lifetime). This can lead to situations wh...
Key expiration / revocation is a critical function that Azure does not address properly with their lack of an introspection endpoint.
The net result of the current Microsoft implementation of OAuth JWTs is that Azure is not a suitable user directory when credential revocation is time sensitive.
The net result of the current Microsoft implementation of OAuth JWTs is that Azure is not a suitable user directory when credential revocation is time sensitive.