GuidesiMIS ProfessionaliMIS EnterpriseClient Support
HomeGuidesAPI ReferenceChangelogDiscussions
GuidesiMIS ProfessionaliMIS EnterpriseClient SupportLog In
Discussions
These docs are for v20.3.44. Click to read the latest docs for v20.3.186.

Discussions

Ask a Question
Back to All

SSO - Issue with refresh_token for unauthorized users.

almost 4 years ago by Chris Mazur

Hi team,

Independently of the level and combination of authentication that we setup in the SSO functionality on iMIS, we always receive a refresh_token with a value in our third-application - which is quite confuse for us as we are not expecting the application to be triggered if the user is not logged in on iMIS first. Or at least we are not expecting a valid string as refresh_token from POST.

Using the iMIS' public URL for the third-app as an unauthorized user - whiteout being logged in - the following code is still executed in iMIS.

Can you please indicate if I might be doing something wrong in the SSO configuration or if that is the expected functionality or if it could be an error on iMIS?

Thanks in advance!

Chris Mazur.-