Triple-checking the need for a public OSSA on this
Is there a way for the admin to disable all tokens already issued for a tenant he wants to disable ? Then I'd tend to consider this a poor feature with potential security consequences (requiring information) rather than a vulnerability.
Triple-checking the need for a public OSSA on this
Is there a way for the admin to disable all tokens already issued for a tenant he wants to disable ? Then I'd tend to consider this a poor feature with potential security consequences (requiring information) rather than a vulnerability.