[Openid-specs-ab] OP is not supporting client_secret_post according to 'token_endpoint_auth_methods_supported' in the provider configuration

Justin Richer jricher at mit.edu
Thu Jul 21 13:49:54 UTC 2016


Looking at the error, I'd ask what's in your 
"token_endpoint_auth_methods_supported" field of your IdP's discovery 
document? MITREid currently outputs this:

"token_endpoint_auth_methods_supported": [
     "client_secret_post",
     "client_secret_basic",
     "client_secret_jwt",
     "private_key_jwt",
     "none"
]

  -- Justin


On 7/21/2016 9:03 AM, Hasanthi Purnima Dissanayake wrote:
> Hi All,
> Can anyone please let me know the reason for getting below when 
> running Access token request with client_secret_post authentication 
> (OP-ClientAuth-SecretPost-Static) test case.
>
> Result: WARNING
> Warnings:
> OP is not supporting client_secret_post according to 
> 'token_endpoint_auth_methods_supported' in the provider configuration
>
> Thanks,
>
> HasanthiDissanayake
>
> Software Engineer | WSO2
>
> E: hasanthi at wso2.com <mailto:hasanthi at wso2.com>
>
> http://wso2.com <http://wso2.com/>
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160721/eb62998d/attachment.html>


More information about the Openid-specs-ab mailing list