Feature: Possibility to query “refresh token family” lifetime through management api
Description: When enabling refresh token rotation, a ‘refresh token family’ (wording taken from documentation) is issued that has an absolute expiration date, much like an access token has. However it is not possible to see this expiration date anywhere. To enable seamless offline access, applications need a way to query for this information, e.g. through the device-credentials or client-grants endpoint.
Use-case: We enable applications to get offline access to our APIs. We accept the fact that a user has to regularly renew his grants, but if we don’t know when the user needs to do this it leads to situations where the application suddenly looses access and needs to contact the user about this. This interruption might be quite severe for our customers. If we could tell them the remaining time on their access/refresh token “family”, they could ask the user to renew their token days or weeks in advance to circumvent such interruptions
Looking forward to your feedback on this feature request!