This section describes how you can implement OAuth2.0 Authentication in the Web Verifier Client.
Support:
Brainware Web Verifier Client Supports OAuth2.0 Authentication with Authorization flow type. Signature validation of access tokens is supported for RSA signature type. Client Secret setting supports shared secrets.
Refresh Tokens:
If configured to validate token Lifetime, Web Verifier will force a user to log out when their access token expires. Token lifetime can be extended by enabling refresh tokens. When refresh tokens are enabled, Web Verifier will attempt to use the refresh token to obtain a new access token before logging the user out. If the refresh token is expired or the refresh otherwise fails, the user will be logged out as normal. Refresh tokens can be enabled by adding ‘offline_access’ to the scope.