Basic, Messages, Standard, Registration, Session - Do we need to use expires_in when the expiration time can be in the tokens?

Issue #308 invalid
Michael Jones
created an issue

We mandate a token and the whole point of OpenID Connect is that the tokens follow an open standard so why are we returning redundant information? Just check the token.

At the very least, we should delete the use of expires_in from all the examples where its use is not essential.

Comments (1)

  1. Log in to comment