[Openid-specs-ab] Declaring that the Client performs no Client Authentication

Mike Jones Michael.Jones at microsoft.com
Thu Nov 28 02:17:43 UTC 2013

Justin proposed that we add the following to the set of Client Authentication identifiers:

The Client does not authenticate itself at the Token Endpoint, either because it uses only the Implicit Flow (and so does not use the Token Endpoint) or because it is a Public Client with no Client Secret or other authentication mechanism.

Any objections or proposed rewording?

                                                                -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131128/96e227a8/attachment-0001.html>

More information about the Openid-specs-ab mailing list