[mitreid-connect] Session Management

Christian Metzler Christian.Metzler at abas.de
Mon May 19 05:04:50 EDT 2014


Hi,

I'm currently evaluating the MitreID Connect implentation. I wonder if 
there are plans to implement the Session Management specification 
according to http://openid.net/specs/openid-connect-session-1_0.html

In addition I would be interested if it is possible to revoke all tokens 
for a specific user session programatically. This would enable a single 
logout. My idea is to specify a new scope (similar to offline_access) 
called online_access which specifies, that a client only can get new 
access tokens as long as the session is alive.

Regards,

Christian


More information about the mitreid-connect mailing list