RFC 7662 for secure OAuth2 Token Introspection is broadly required to leverage OAuth2 powered by Auth0. Is there any particular reason why Auth0 doesn’t provide an endpoint to support this standard, despite feature requests for a number of years now? For instance, are there security flaws or other worrisome reasons why it couldn’t be implemented by Auth0?
Since this has been requested a few times, is this feature on the roadmap, and if not, how would one go about petitioning or lobbying to see it scheduled?
hey there @dan.woda, thank you. although i see that the feature request opened at that link was only recently filed on June 3rd of this year. is that correct?
if so, does that ticket factor in all the previous requests relating to RFC7662? do i take your response to mean it is not on the roadmap, or can you clarify that it is? this is affecting our decision to purchase enterprise in real time