RFC 7662 support

sam.g · September 13, 2021, 7:17am

Hey there Auth0,

RFC 7662 for secure OAuth2 Token Introspection is broadly required to leverage OAuth2 powered by Auth0. Is there any particular reason why Auth0 doesn’t provide an endpoint to support this standard, despite feature requests for a number of years now? For instance, are there security flaws or other worrisome reasons why it couldn’t be implemented by Auth0?

Since this has been requested a few times, is this feature on the roadmap, and if not, how would one go about petitioning or lobbying to see it scheduled?

dan.woda · September 13, 2021, 9:52pm

Hi @sam.g,

There is an open feature request here.

If you don’t mind, please post there with information about your use case.

sam.g · September 21, 2021, 10:50pm

hey there @dan.woda, thank you. although i see that the feature request opened at that link was only recently filed on June 3rd of this year. is that correct?

if so, does that ticket factor in all the previous requests relating to RFC7662? do i take your response to mean it is not on the roadmap, or can you clarify that it is? this is affecting our decision to purchase enterprise in real time

dan.woda · September 22, 2021, 8:51pm

That is correct.

A feature request topic won’t reflect interest previous to the date it was posted. Users can upvote the topic to indicate their interest.

It is not currently on our release calendar.

Are you working with our sales team? These would be good questions for them and would help advocate for your interest in this feature.

system · October 7, 2021, 8:51pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.