0010363: Need a concept of RefreshTokens in AuthorizationService

ID	Project	Category	View Status	Date Submitted	Last Update

0010363	10000-012: Discovery	Spec	public	2025-06-04 15:28	2025-09-25 07:26

Reporter	Matthias Damm	Assigned To	Randy Armstrong
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	assigned	Resolution	fixed
Target Version	1.05.06 RC1

Summary	0010363: Need a concept of RefreshTokens in AuthorizationService
Description	Do we have / need a concept of RefreshTokens that existis in OAuth2/OpenId?? At the moment the client would need to keep the password in memory to do a refresh with user/pw Would this be a second method? A second methos would also indicate that the refresh token handling is supported
Tags	No tags attached.

Commit Version	1.05.07 RC1
Fix Due Date	2025-11-15

Date Modified	Username	Field	Change
2025-06-04 15:28	Matthias Damm	New Issue
2025-06-04 15:31	Matthias Damm	Summary	How do we handle key rotation in AuthorizationService => Nee a concept of RefreshTokens in AuthorizationService
2025-06-04 15:31	Matthias Damm	Description Updated
2025-06-04 15:31	Matthias Damm	Summary	Nee a concept of RefreshTokens in AuthorizationService => Need a concept of RefreshTokens in AuthorizationService
2025-06-04 15:32	Jim Luth	Assigned To	=> Randy Armstrong
2025-06-04 15:32	Jim Luth	Status	new => assigned
2025-06-04 15:32	Jim Luth	Product Version	1.05.04 =>
2025-06-04 15:32	Jim Luth	Commit Version	=> 1.05.06 RC1
2025-06-04 15:32	Jim Luth	Fix Due Date	=> 2025-06-15
2025-09-16 06:05	Randy Armstrong	Status	assigned => resolved
2025-09-16 06:05	Randy Armstrong	Resolution	open => fixed
2025-09-16 06:05	Randy Armstrong	Note Added: 0023284
2025-09-25 07:26	Jim Luth	Status	resolved => assigned
2025-09-25 07:26	Jim Luth	Commit Version	1.05.06 RC1 => 1.05.07 RC1
2025-09-25 07:26	Jim Luth	Fix Due Date	2025-06-15 => 2025-11-15

Randy Armstrong 2025-09-16 06:05 administrator ~0023284	Added 9.6.6 RequestAccessToken2 and 9.6.7 RefreshToken