Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unclear request method for /securesession/refresh #78

Open
hagould opened this issue Oct 1, 2024 · 2 comments
Open

Unclear request method for /securesession/refresh #78

hagould opened this issue Oct 1, 2024 · 2 comments

Comments

@hagould
Copy link

hagould commented Oct 1, 2024

The basic DBSC spec describes both GET and POST requests to /securesession/refresh, the high level overview only uses GET with headers, but the refresh procedure is showing POST for the scenario where the server chooses to end the session. Is one of these outdated, or otherwise, how would an RP hint to the client which type of request to make?
@chen-chao
Copy link
Contributor

It seems the chart in high level overview is outdated. By design the registration and refresh procedure are very similar, so they should both use POST.

@kmonsen
Copy link
Collaborator

kmonsen commented Oct 21, 2024

Thank you both, I have updated both the text and diagram. Please let me know if I missed a place, or close this issue if it looks OK now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chen-chao @hagould @kmonsen