You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add security considerations outlining the importance of using client authentication when using the Access Token (sender constrained, or as bearer token) as Subject Token. Points to cover include:
Implications of a stolen access token - mitigated by client authentication
Limitations on preserving the binding (key is not under control of the entity requesting an assertion)
The text was updated successfully, but these errors were encountered:
As discussed at IETF 121
Add security considerations outlining the importance of using client authentication when using the Access Token (sender constrained, or as bearer token) as Subject Token. Points to cover include:
The text was updated successfully, but these errors were encountered: