- Access Tokens
- Refresh Tokens
- ID Tokens
- Proof-of-Possession (PoP) Tokens
- PKCE (RFC 7636)
- Using "Client ID Alias"
- Token management policy when deleting clients
- Authlete's policy on managing clients which have been authorized by user
- Authorization Requests
- User Authentication
- Error Handling
- Client Authentication
- Userinfo Endpoint
- Device Flow (RFC 8628)
Token management policy when deleting clients
When deleting a client, Authlete automatically deletes access tokens and refresh tokens issued to the client. Therefore, a service owner does not have to call token management APIs to delete tokens.
How did we do with this article?