[Openid-specs-ab] [openid/connect] Registration 2.2.2 - Delete rotate_secret operation (issue #745)

Michael Jones issues-reply at bitbucket.org
Mon Feb 4 21:18:08 UTC 2013

--- you can reply above this line ---

New issue 745: Registration 2.2.2 - Delete rotate_secret operation

Michael Jones:

The rotate_secret operation was invented in OpenID Connect registration at a time that clients were authenticating to the registration endpoint using the client secret.  If the secret was being changed, in the event of a communication failure, the client could be left without a working client secret.  This is no longer the case, since we’re now using OAuth Bearer Tokens to authenticate to the registration endpoint.


This is an issue notification from bitbucket.org. You are receiving
this either because you are the owner of the issue, or you are
following the issue.

More information about the Openid-specs-ab mailing list