REST base service clients sharing STS issued token

Question

What prevents REST based service clients to share the STS issued token with each other?

score 0 · Accepted Answer · answered Mar 15 '11 at 19:57

0

Bearer token are like passwords and can be shared or replayed.

answered Mar 15 '11 at 19:57

amit_g

1 Answers1