spring-authorization-server
spring-authorization-server copied to clipboard
spring-projects
Spring Authorization Server
Publish a guide on How-to: Customize form based login Related gh-499
**Expected Behavior** It would be great if we could add a custom claim validator for client authentication using JWT assertion. This will allow additional validations to be done on the...
Publish a guide on How-to: Authenticate a user with two-factor authentication Related gh-499
I am thinking of A single Authorization server in an organization providing identity federation for multiple clients(tenants), where tenant data should be isolated from each other. Other OAuth servers like...
Publish a guide on How-to: Deny access for a revoked JWT access token - How-to: Introspect / revoke an access token Related gh-499
As per section [3.2.3.1. Error Response](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-04#section-3.2.3.1): > "invalid_client": Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401...
This feature will deliver [OAuth 2.0 Token Exchange](https://tools.ietf.org/html/rfc8693).
This feature will deliver [OpenID Connect Session Management 1.0](https://openid.net/specs/openid-connect-session-1_0.html).
This feature will deliver [OAuth 2.0 Dynamic Client Registration Protocol](https://tools.ietf.org/html/rfc7591).
We should have a How-to guide on a dynamic client registration. As in adding a client to the registered client repository (JDBC/any) at runtime.