[Openid-specs-fapi] Issue #315: PAR certification question (openid/fapi)
josephheenan
issues-reply at bitbucket.org
Wed Sep 16 14:45:21 UTC 2020
New issue 315: PAR certification question
https://bitbucket.org/openid/fapi/issues/315/par-certification-question
Joseph Heenan:
Should the FAPI-RW 1.0 PAR certification tests insist that this form of request:
authorization\_endpoint?request\_uri=<…>&client\_id=<…>
is accepted and works? \(as per JAR [https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-30#section-5](https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-30#section-5) \)
Or asked a different way, it is okay for FAPI compliant requests that use PAR to require that the request takes this form with duplicate parameters outside the request object:
authorization\_endpoint?request\_uri=<…>&client\_id=<…>&scope=<…>&response\_type=<…>
More information about the Openid-specs-fapi
mailing list