[Openid-specs-ab] Issue #1153: redirect_uri definition contradiction in docs (openid/connect)

Víctor Herraiz Posada issues-reply at bitbucket.org
Fri Feb 7 12:19:49 UTC 2020


New issue 1153: redirect_uri definition contradiction in docs
https://bitbucket.org/openid/connect/issues/1153/redirect_uri-definition-contradiction-in

Víctor Herraiz Posada:

At point “3.1.2.1.  Authentication Request” specifies that the “redirect\_uri“ is REQUIRED.

But at “3.1.3.2. Token Request Validation” says : “If the `redirect_uri` parameter value is not present when there is only one registered `redirect_uri` value, the Authorization Server MAY return an error \(since the Client should have included the parameter\) or MAY proceed without an error \(since OAuth 2.0 permits the parameter to be omitted in this case\).” This sentence makes the field OPTIONAL.




More information about the Openid-specs-ab mailing list