The token introspection API should be limited to just the owner of the ticket and trusted clients.
Metadata Update from @puiterwijk: - Custom field component adjusted to OpenID Connect - Custom field type adjusted to enhancement - Custom field version adjusted to Development
Log in to comment on this ticket.