[Openid-specs-ab] [openid/connect] Discovery token_endpoint_auth_algs_supported not supporting symmetric algs (issue #665)

John Bradley issues-reply at bitbucket.org
Wed Oct 10 23:31:11 UTC 2012

--- you can reply above this line ---

New issue 665: Discovery token_endpoint_auth_algs_supported not supporting symmetric algs

John Bradley:

I just noticed that the Provider Configuration Response in Discovery* defines token_endpoint_auth_algs_supported as "A JSON array containing a list of the JWS signing algorithms [JWA] supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256."

Was that intended to only cover the private_key_jwt asymmetric algorithms? What about algorithms for client_secret_jwt? I didn't see anything about the supported MAC algorithms client_secret_jwt. Is that an accidental omission or is there some reason it's not there that I'm missing?


Responsible: ve7jtb

This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.

More information about the Openid-specs-ab mailing list