and more in a single search tool across platforms. Read the announcement here. |
02/07/2023 02:50 PM
Are the tokens issued by Saviynt (refresh_token) when calling {{url}}/ECM/api/login service is digitally signed?
02/07/2023 07:18 PM - edited 02/07/2023 07:22 PM
Yes, Saviynt uses digital signatures to secure its refresh tokens. The digital signature provides authentication and integrity protection for the refresh token, ensuring that it cannot be modified or tampered with in transit. This helps to prevent unauthorized access to the token and the sensitive information it contains.
02/08/2023 04:21 AM
1. What alg does saviynt uses in signing these tokens?
2. Does Saviynt support any other authentication (client based cert or JWT) instead of standard username/password when calling /ECM/api/login?