This test checks whether the authorization server revokes refresh tokens after an access token from the same authorization grant is revoked.
View source code on GitHub
This test is part of the following document(s):
Back to the test case overview or the threat overview