[Openid-specs-ab] OP is not supporting client_secret_post according to 'token_endpoint_auth_methods_supported' in the provider configuration

Hasanthi Purnima Dissanayake hasanthi at wso2.com
Thu Jul 21 13:57:10 UTC 2016


Hi Justing,

Still we have not implemented OIDC discovery. So we don't have such
configuration.  We are just running the test cases for basic profile. Do we
need to have this configuration which comes with OIDC spec even to execute
the test cases in basic profile?

Thanks,

Hasanthi Dissanayake

Software Engineer | WSO2

E: hasanthi at wso2.com
M :0718407133| http://wso2.com <http://wso2.com/>

On Thu, Jul 21, 2016 at 7:19 PM, Justin Richer <jricher at mit.edu> wrote:

> Looking at the error, I'd ask what's in your
> "token_endpoint_auth_methods_supported" field of your IdP's discovery
> document? MITREid currently outputs this:
>
> "token_endpoint_auth_methods_supported": [
>     "client_secret_post",
>     "client_secret_basic",
>     "client_secret_jwt",
>     "private_key_jwt",
>     "none"
> ]
>
>  -- Justin
>
> On 7/21/2016 9:03 AM, Hasanthi Purnima Dissanayake wrote:
>
> Hi All,
> Can anyone please let me know the reason for getting below when running
> Access token request with client_secret_post authentication
> (OP-ClientAuth-SecretPost-Static) test case.
>
> Result: WARNING
> Warnings:
> OP is not supporting client_secret_post according to
> 'token_endpoint_auth_methods_supported' in the provider configuration
>
> Thanks,
>
> Hasanthi Dissanayake
>
> Software Engineer | WSO2
>
> E: hasanthi at wso2.com
> http://wso2.com
>
>
> _______________________________________________
> Openid-specs-ab mailing listOpenid-specs-ab at lists.openid.nethttp://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160721/525f3410/attachment-0001.html>


More information about the Openid-specs-ab mailing list