Revocation.IsRevocationEndpointSecure

Is the revocation endpoint secure

This test determines whether the server's revocation endpoint uses HTTPS.

View source code on GitHub

Documents

This test is part of the following document(s):

• OAuth 2.0 Token Revocation (RFC7009), section 2 (must)
• Financial-grade API Security Profile (FAPI) 1.0 – Part 1: Baseline (FAPI1Base), section 7.1 (must)
• Financial-grade API Security Profile (FAPI) 1.0 – Part 2: Advanced (FAPI1Adv), section 8.5 (must)

Back to the test case overview or the threat overview