Refresh Tokens in Kubernetes when using an OpenID Provider -


with kube configured point external opendid provider seems through browsing through code kube makes call opendid provider refresh token. when comes expects id_token come back. seems through tracing through code kube respect expire time bearer token , not make call opendid provider until bearer token expires.

is correct description of how refresh tokens work in kube?

kubernetes doesn't have concept of refresh tokens because kubernetes api server isn't client of openid provider, validates id_tokens issues specific client.

clients of openid provider wish talk api server on end user's behalf must manage refresh tokens issue more id_tokens current 1 expires. api server wont you.


Comments

Popular posts from this blog

account - Script error login visual studio DefaultLogin_PCore.js -

xcode - CocoaPod Storyboard error: -