[Openid-specs-fapi] Issue #346: RAR requirement may be unnecessary? (openid/fapi)
issues-reply at bitbucket.org
Thu Nov 19 17:35:00 UTC 2020
New issue 346: RAR requirement may be unnecessary?
FAPI 2 Baseline says the AS:
1. shall support rich authorization requests according to \[@I-D.ietf-oauth-rar\]
I’m not sure I understand the reasoning here. It seems unnecessary for servers to support RAR if scopes or OIDC claims are sufficient for their use cases? \(I can understanding the reasons for point people towards RAR if scopes/etc aren’t sufficient for their use case.\)
More information about the Openid-specs-fapi