---
security:
  - |
    [`bug 1992183 <https://bugs.launchpad.net/keystone/+bug/1992183>`_]
    [`CVE-2022-2447 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2447>`_]
    Tokens issued with application credentials will now have their expiration
    validated against that of the application credential. If the application
    credential expires before the token the token's expiration will be set to
    the same expiration as the application credential.  Otherwise the token
    will use the configured value.