Thank you for explanations.
So for now you just have no SDK that can help somehow with OIN right? I only can use your REST API if I make integration for OIN?
Also wanted to ask what about IDX SDK (Identity Engine) - does it work for OIN? And what does it mean the disclaimer on IDX’s github that it’s only available for selected customers? Can I use it in prod or it’s in kinda beta stage or maby something with commercial license?
Org AS do not publish the key used to sign the access token it mints.
Basically I dont’ need the access token - I need only user identity info (id token).
So I should use /introspect to validate access tokens and somehow implement id_token verification and key rotation and other things by myself locally? Is any example or consistent guide for integrate with exactly OIN support?
Thank you