diff options
Diffstat (limited to 'yuck.mdwn')
-rw-r--r-- | yuck.mdwn | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -41,7 +41,8 @@ Muck JSON store, but support for, say, LDAP can be added. ## Terminology and concepts * **access token**: a token which grants access to a service or - resource; usually short-lived, but see refresh token + resource; usually quite short-lived (maybe less than a minute), + since it can't be easily revoked, but see refresh token * **API client**: a program that uses the API, either on behalf of an end-user, or on its own behalf @@ -85,7 +86,8 @@ Muck JSON store, but support for, say, LDAP can be added. end users; see [OIDC][] * **refresh token**: a token that can be used to get a new access - token; usually long-lived, but can be revoked + token; usually long-lived, but can be revoked, since every use can + be checked by the IDP * **relying party**: software that relies on the IDP for authentication and authorization; often a resource provider, but can |