Skip to content

Use access token and dont re-sign using custom keys.#13

Merged
Nitin Shetty (nbshetty) merged 1 commit into
masterfrom
use-access-token
Oct 5, 2020
Merged

Use access token and dont re-sign using custom keys.#13
Nitin Shetty (nbshetty) merged 1 commit into
masterfrom
use-access-token

Conversation

@nbshetty

Copy link
Copy Markdown

Includes the initial changes to the OKTA Native Auth.

  • Verify the access_token instead of the id_token.
  • Set the TOKEN cookie with the signed access_token and make it secure http only
  • Removed logic to re-sign the token using custom signing key.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to build a new release?

@nbshetty Nitin Shetty (nbshetty) merged commit 1d83d49 into master Oct 5, 2020
@nbshetty Nitin Shetty (nbshetty) deleted the use-access-token branch October 6, 2020 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

2 participants