
Link configuration "supported" options to behaviour

Open tekul opened this issue 9 years ago • 1 comments

These are currently ignored, other than as provided to the client via the discovery response. The client can still use unsupported options in requests and have them processed. For example:

  • responseTypesSupported should be checked when processing an authorization request
  • algorithmsSupported should be checked in id token creation, user info responses, request object (when implemented) and client auth signing. It may be sufficient to check some of them when registering the client, since the client's specific algorithms are stored with its data.

Both these and clientAuthMethodsSupported should be checked when registering the client.

tekul avatar Apr 24 '15 13:04 tekul

See also:

http://tools.ietf.org/html/rfc7591#section-2.1

and

http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata

for information on validating the requested grant types based on supported response types.

tekul avatar Oct 16 '15 00:10 tekul
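
The checks discussed in this issue can be sketched as follows. This is an added example, not code from the issue or from the project: the function names are hypothetical and the provider configuration is constructed, keyed by the standard discovery and client metadata names. The response type to grant type mapping follows the RFC 7591 section 2.1 table linked above.

```python
# Added illustration; not the project's code. Function and variable names are hypothetical.
# Constructed provider configuration, keyed by the discovery metadata names.
PROVIDER = {
    "response_types_supported": ["code", "id_token", "id_token token"],
    "grant_types_supported": ["authorization_code", "implicit"],
    "token_endpoint_auth_methods_supported": ["client_secret_basic", "private_key_jwt"],
    "id_token_signing_alg_values_supported": ["RS256", "ES256"],
}

def _rt(value):
    """Response types are space-separated and order-insensitive."""
    return frozenset(value.split())

def required_grants(response_type):
    """Grant types implied by a response type (RFC 7591 section 2.1)."""
    parts, grants = _rt(response_type), set()
    if "code" in parts:
        grants.add("authorization_code")
    if parts & {"token", "id_token"}:
        grants.add("implicit")
    return grants

def validate_registration(meta, provider=PROVIDER):
    """Return a list of problems; an empty list means the metadata is acceptable."""
    errors = []
    supported_rts = {_rt(r) for r in provider["response_types_supported"]}
    response_types = meta.get("response_types", ["code"])  # spec default
    grant_types = set(meta.get("grant_types", ["authorization_code"]))  # spec default
    for rt in response_types:
        if _rt(rt) not in supported_rts:
            errors.append(f"unsupported response_type: {rt}")
        missing = required_grants(rt) - grant_types
        if missing:
            errors.append(f"response_type {rt!r} requires grant_types {sorted(missing)}")
    for gt in sorted(grant_types - set(provider["grant_types_supported"])):
        errors.append(f"unsupported grant_type: {gt}")
    method = meta.get("token_endpoint_auth_method", "client_secret_basic")
    if method not in provider["token_endpoint_auth_methods_supported"]:
        errors.append(f"unsupported token_endpoint_auth_method: {method}")
    alg = meta.get("id_token_signed_response_alg", "RS256")
    if alg not in provider["id_token_signing_alg_values_supported"]:
        errors.append(f"unsupported id_token_signed_response_alg: {alg}")
    return errors

def check_authorization_request(response_type, client_meta, provider=PROVIDER):
    """Allow a request only if the provider supports the type and the client registered it."""
    wanted = _rt(response_type)
    supported = {_rt(r) for r in provider["response_types_supported"]}
    registered = {_rt(r) for r in client_meta.get("response_types", ["code"])}
    return wanted in supported and wanted in registered
```

Rejecting at registration covers the per-client algorithm and auth method choices, while the authorization request check still has to run on every request because the `response_type` parameter is supplied by the caller each time.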