Stephen Nielson

@robertjustjones I went and reviewed RFC rfc6749 to make sure what @robertjustjones is saying is correct. It does look like client_id is not required for the refresh_token grant. https://datatracker.ietf.org/doc/html/rfc6749#section-6 Looking...

@robertjustjones Please confirm If you are passing the authorization headers correctly and the client_id is still being required. If so, that would be a bug in our implementation (really a...

@robertjustjones > 2.3.2 [RFC6749](https://tools.ietf.org/html/rfc6749) requires that the authorization server maintain the binding between a refresh token and the client to whom it was issued, and that the authorization server verify...

Another good section to read on this topic for those who are interested is the RFC 6819 Section 4.1.1 best practices document: https://datatracker.ietf.org/doc/html/rfc6819#section-4.1.1

I have a module that needs to run a number of command line scripts. Instead of having to go into the module directory and run the scripts from inside the...

@bradymiller good job, looks like you went with the separate class per command route?

@stephenwaite I realize the other PR I brought in is now creating issues. Do you want this in 7.0.2.1 patch? Or do we bump to 7.0.2.2? I won't be able...

Removed milestone, as the issue is now connected to the milestone to avoid duplicates.

@bradymiller I've verified the commands still work (lot of warnings thrown... but that's the old CCDA).

@robertjustjones We'll need to make sure this passes ONC's inferno test suite. At one point the test tools would fail if Practitioner's did not have NPI numbers. I've been doing...