3.5.1 TODOΒΆ
Verify the application does not treat OAuth and refresh tokens — on their own — as the presence of the subscriber and allows users to terminate trust relationships with linked applications.
| Level 1 | |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 290 | 7.1.2 |