Restrict Issuance of Refresh tokens to specific clients on RH-SSO
Issue
To minimize attack surface, we'd like to restrict issuance of refresh tokens to specific clients of RH-SSO.
Is it supported?
Environment
- Red Hat Single-Sign-On
- 7.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.